[keycloak-user] Securing 3rd party APIs
Bill Burke
bburke at redhat.com
Tue May 17 10:43:18 EDT 2016
See Keycloak Proxy.
On 5/17/16 10:38 AM, Bruno Oliveira wrote:
> Hi Pavel, isn't something like this http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#d4e1006
> enough?
>
> On 2016-05-17, Pavel Maslov wrote:
>> Hi all,
>>
>>
>> Suppose we have a 3rd party REST API, which is not secured. How could we
>> integrate OAuth2.0 authentication using Keycloak? My first guess is to
>> create a mediation service (written in Java), which will use the Keycloak
>> Java adapter and will authenticate users based off the security_token
>> (passed to the mediation service with each request), and forward all
>> requests (including headers) to the 3rd party REST API (unsecured).
>>
>> Does it make any sense? If so, has anyone written something similar?
>>
>> Thanks.
>>
>> Regards,
>> Pavel Maslov, MS
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> --
>
> abstractj
> PGP: 0x84DC9914
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list