[keycloak-user] Key cloak Direct Access Grants. How?

Bill Burke bburke at redhat.com
Mon Feb 1 11:46:13 EST 2016


Take a look at the admin-access-app example.

So, mod-auth-openidc works with Keycloak?  Would you be interested in 
contributing a ClientInstaller that generates config for it? Similar to 
the mod-auth-mellon one?

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/saml/installation/ModAuthMellonClientInstallation.java

Here's one that generates keycloak client adapter config for OIDC too:

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java


On 2/1/2016 11:27 AM, Reed Lewis wrote:
> I have Keycloak working very well now where it can validate users in 
> its own database, against a legacy database in our company, and from 
> Google and Microsoft.   Right now I have been testing with this module 
> for Apache:
>
> https://github.com/pingidentity/mod_auth_openidc
>
> And it works as it should.   I can go to a webpage on my webserver, 
> and the complete flow works well.  The user is redirected to the login 
> page, then it returns, and my webserver requests a token as it should.  :)
>
> What I plan on doing though is securing a mobile App.   I cannot find 
> a raw HTTP(s) example of how to make a direct access grant where 
> keycloak well ask the user for credentials, and directly return an 
> jwt?   Is this possible, or should I use the two step method (keyclock 
> with redirect => to URL in APP => makes request with code to get the 
> tokens?
>
> Also, does anyone have good standalone python, node.js or even C code 
> to validate a token?  I see there are libraries, but I would like to 
> use just openssl if possible.
>
> Thank you,
>
> Reed Lewis
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160201/1096cb4b/attachment.html 


More information about the keycloak-user mailing list