[keycloak-user] Obtain Google Token

Andreas Cserinko a.cserinko at gmail.com
Fri Mar 4 06:15:03 EST 2016

Thank you very much, it works! At least I have one question: How do I know
which identity provider is used? Lets say I log in with facebook, how does
my Java code know that it must send the rest-call to the facebook-endpoint?


2016-03-04 11:11 GMT+01:00 Stian Thorgersen <sthorger at redhat.com>:

> To read the token the user has to have the broker.read-token permission.
> The client also needs a scope on it. Please take a look at
> http://keycloak.github.io/docs/userguide/keycloak-server/html/identity-broker.html#d4e2198
> On 3 March 2016 at 20:28, Andreas Cserinko <a.cserinko at gmail.com> wrote:
>> Hey guys!
>> I've been trying since a few days to make a rest-call to
>> '/realms/myrealm/broker/google/token'
>> from my Java-code. But when I send the request, the response says that
>> the token is invalid. I have no clue what token to use.
>> Can anybody please describe the flow of how to obtain the right tokens,
>> or post some examples how to solve the problem. I looked at the example on
>> GitHub (
>> https://github.com/keycloak/keycloak/tree/master/examples/broker/facebook-authentication)
>> but this example don't fit my needs because it is client-side.
>> Any help would be appreciated, thanks!
>> Thank you,
>> Andreas
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160304/0d1df5c7/attachment.html 

More information about the keycloak-user mailing list