[keycloak-user] access_token always contains JWT
Stian Thorgersen
sthorger at redhat.com
Fri Feb 5 07:10:05 EST 2016
There's no such thing as a "simple token". Tokens are always a signed JWT.
On 5 February 2016 at 11:17, <manfred.duchrow at caprica.biz> wrote:
> Hi,
>
> I am trying to retrieve an access token from a Keycloak (1.8.0.Final)
> service account by
> POST /auth/realms/myrealm/protocol/openid-connect/token
> with grant_type=client_credentials.
>
> The result contains a signed JWT as value of field "access_token" rather
> than a simple token
> as described in chapter 18 (Service Accounts) of the user guide.
>
> So what I expect (need) is a response like this:
>
> {
> "access_token":"2YotnFZFEjr1zCsicMWpAA",
> "token_type":"bearer",
> "expires_in":60,
> "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
> "refresh_expires_in":600,
> "id_token":"tGzv3JOkF0XG5Qx2TlKWIA",
> "not-before-policy":0,
> "session-state":"234234-234234-234234"
> }
>
> Is there a way to configure the account or the realm to return a simple
> token
> in "access_token" (and "refresh_token") rather than a JWT?
>
> Cheers,
> Manfred
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160205/98cbf1a9/attachment.html
More information about the keycloak-user
mailing list