[keycloak-user] Announce - Secret Store
Bill Burke
bburke at redhat.com
Wed Jan 20 10:32:04 EST 2016
I honestly don't get why you are doing this. I assume you are familiar
with direct grants. Why aren't these enough? Its just a REST call to
keycloak to obtain a token. Honestly, this seems ridiculous.
On 1/20/2016 9:15 AM, Juraci Paixão Kröhling wrote:
> For Hawkular, we were in the need of a simplified way for a REST client
> to communicate with our backend. After discussing this with Stian, we
> started the "secret-store" module, which was just spun off of Hawkular
> into a "standalone" project.
>
> Secret Store is a module for scenarios where the whole OAuth procedure
> might be undesirable or not feasible on the client side.
>
> The Secret Store has two sides:
>
> 1) a REST endpoint to create opaque tokens backed by OAuth Offline
> Tokens composed of a key and secret;
>
> 2) An Undertow filter/Proxy server, that translates the opaque tokens
> into OAuth bearer tokens, rewriting the incoming request. To your
> backend, it's transparent whether an opaque token or a proper OAuth
> token was used.
>
> More info here: https://github.com/jpkrohling/secret-store
>
> - Juca.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list