[keycloak-user] Help with keycloak integration with Spring boot rest api

Anunay Sinha anunay.sinha at arvindinternet.com
Tue Sep 8 06:35:39 EDT 2015 

Hi Everyone,
I am new to both spring and keycloak and I do admit that am writing this
before exhausting all my options, but I have spent quite a good amount of
time on this.

So here is my deal.
I have created a spring boot rest api and have tested it.
Next I was trying to integrate it with keyCloak
  I modified my gradle for keycloak
  I configured a client in KeyCloak admin console. It  was bearer only.

{
  "realm": "TestMyAccount",
  "realm-public-key":
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqKhSVCGWBxzT5nFByxE1EbJ7YVo05JxO4wVVJJsp25gy7GQhR89qidSUkT3onlc4jLEDH5hLt/mszuDSmSUAHrHhSrTWbgF6Ii4L1fwU57+a6W2vVDI3UvSeTxiTnIrvpeD7g9hw/cscOMD7ngiqFAuh0fLj6IS4mmMfGsVf35IfiHpEfRpTS+Th/Y48AAYxJxbZlmNmJe91xCxdbPi36tb2Ecv7kPnXdI3a+ZhSm/NhP3ZYURu9SWcXlCJfRcOo9eATgGu2PruOsrHKl/YKf3+nGTDSmiHLOCRoL2gvedgr/3VzsEFpcJRjrNCWaKhsgMSdr+0N/CDOA6TR76uewIDAQAB",
  "bearer-only": true,
  "auth-server-url": "http://127.0.0.1:8080/auth",
  "ssl-required": "none",
  "resource": "AIL_MYACCOUNT"
}

Next I added the following items to my application.properties

keycloak.realm = TestMyAccount
keycloak.realmKey =
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqKhSVCGWBxzT5nFByxE1EbJ7YVo05JxO4wVVJJsp25gy7GQhR89qidSUkT3onlc4jLEDH5hLt/mszuDSmSUAHrHhSrTWbgF6Ii4L1fwU57+a6W2vVDI3UvSeTxiTnIrvpeD7g9hw/cscOMD7ngiqFAuh0fLj6IS4mmMfGsVf35IfiHpEfRpTS+Th/Y48AAYxJxbZlmNmJe91xCxdbPi36tb2Ecv7kPnXdI3a+ZhSm/NhP3ZYURu9SWcXlCJfRcOo9eATgGu2PruOsrHKl/YKf3+nGTDSmiHLOCRoL2gvedgr/3VzsEFpcJRjrNCWaKhsgMSdr+0N/CDOA6TR76uewIDAQAB
keycloak.auth-server-url = http://127.0.0.1:8080/auth
keycloak.ssl-required = external
keycloak.resource = AIL_MYACCOUNT
use-resource-role-mappings = false
ssl-not-required = true
bearer-only = true

This is as per the documentation
<http://keycloak.github.io/docs/userguide/html/ch08.html#spring-boot-adapter>

I don't have a web.xml in my project and going as per the video tutorial I
ignored those settings.

My access to api was restricted and it is asking me for the authorization.
But am not able to provide it. As per the example in the document, it seems
like bearer only application work on tokens only.
-------------------------------------------------
Here is my first question.
Is there a way to generate the tokens for bearers only applications
-------------------------------------------------

To get the token I created another client, this time "confidential"
redirecting to same base URI and used it to generate the access token

When am using this access token to access my API am still getting the 401
error.

Am not sure what am doing wrong and where am doing wrong.

Request you to please help me with this
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150908/0503b48f/attachment.html

More information about the keycloak-user mailing list