[keycloak-user] Hybrid flow
David Hay
bstoke69 at gmail.com
Tue Nov 17 10:17:34 EST 2015
Ok, thanks...are there any outstanding security concerns are there around
that, as long as I use TLS?
On Sat, Nov 14, 2015 at 8:45 AM, Bill Burke <bburke at redhat.com> wrote:
> We call these public clients and its the way our admin console works.
> Use our javascript adapter to obtain a token and make XHR requests to
> the server with the token.
>
> On 11/13/2015 10:29 PM, David Hay wrote:
> > Hi,
> >
> > Newbie here...
> >
> > We're needing to secure an AngularJS application hitting our REST API
> > (and supporting customers hitting it directly).
> >
> > I believe in this situation we need to utilize the Hybrid flow as there
> > is no way to secure the secret in AngularJS.
> >
> > Does Keycloak support this?
> >
> > Thanks!
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151117/4ab4e38d/attachment.html
More information about the keycloak-user
mailing list