[keycloak-user] Token validation and public client

Bruno Oliveira bruno at abstractj.org
Tue Apr 26 17:01:13 EDT 2016


Certainly token introspection is probably the best alternative, like you
already mentioned.

On 2016-04-25, Helio Frota wrote:
> Hi Bruno,
>
> I'm trying to validate an access token:
>
> https://github.com/keycloak/keycloak-nodejs-auth-utils/blob/master/lib/grant-manager.js#L260
>
> Thanks for the feedback !
>
>
>
>
> On Mon, Apr 25, 2016 at 6:49 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
>
> > It sounds like there's some misconception here. Does not make sense to
> > have a public client with client secret configured.
> >
> > Could you please elaborate more, what exactly are you trying to do? And
> > I would really appreciate if you share more details.
> >
> > On 2016-04-25, Helio Frota wrote:
> > > Hi,
> > >
> > > I found a shell script to use the new introspection path to do token
> > > validation:
> > > http://lists.jboss.org/pipermail/keycloak-user/2016-April/005869.html
> > >
> > > I'm using public client and by removing :
> > >
> > > KC_CLIENT_SECRET=a-test-client-credental
> > >
> > > The result is:
> > >
> > > {"error_description":"Authentication failed.","error":"invalid_request"}
> > >
> > > It is possible to use validation token for public clients ?
> > >
> > > Thanks!
> >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> >

> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


--

abstractj
PGP: 0x84DC9914


More information about the keycloak-user mailing list