[keycloak-user] Two way communication required between Keycloak Server and REST API BAckend Server?

Stian Thorgersen sthorger at redhat.com
Tue Jul 19 02:45:33 EDT 2016


The REST service doesn't need to communicate directly with Keycloak. The
auth-server-url is required by a bearer only token mainly to verify the
issuer in the token (it's the full url of the realm, not just the realm
name).

On 15 July 2016 at 16:34, Adrian Matei <adrianmatei at gmail.com> wrote:

> Hi everyone,
>
> Does a Keycloak secured REST Api on JBoss EAP 6.1 (access-type bearer
> only) need to communicate with the Keycloak Server once the Adapter and
> standalone.xml are properly configured?
>
> Currently both servers are on the same DMZ zone, but we'd like to move the
> REST Api Server in Intranet zone.
>
> (test - the REST backend seems to be callable as long as the token is
> valid, though the Keycloak Server was shutdown, but I ask myself why do I
> need to specify the auth-server-url in standalone.xml, or keycloak.json
> file)
>
>
> Thanks
> Adrian
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160719/b76622bc/attachment.html 


More information about the keycloak-user mailing list