[keycloak-user] Configuring javascript calling REST service

Robert van Loenhout r.vanloenhout at greenvalley.nl
Tue Aug 2 11:30:57 EDT 2016


I'm using the keycloak javascript adapter and the spring security adapter for my REST service.
The REST service is configured as a client with 'bearer-only' access type.
The javascript client is authenticated. When it does an ajax call to my REST service I receive the following error in my browser:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:30001/rest1/greeting. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

I have added
"enable-cors": true
to my REST keycloak configuration.
However where do I configure which origins are allowed?

For 'public' and 'confidential' clients you can configure the web origins in the admin console.
But when I set it to 'bearer-only' this field is gone.

So what exactly are the steps you have to take to configure a javascript client that call a REST service on another host?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160802/46406e23/attachment.html 


More information about the keycloak-user mailing list