[keycloak-user] Access Token And PRT(request party token), which one should I use to access the resource protected by keycloak
Yizhou Jiang(Yizhou)
yizhoujiang at hengtiansoft.com
Mon Apr 17 05:08:34 EDT 2017
Hi,
By reading the document of KeyCloak ,I found that I can use a Access-token or a PRT(request party token) to access the resources protected by keycloak.
1 Use PRT: https://keycloak.gitbooks.io/documentation/authorization_services/topics/enforcer/keycloak-enforcement-bearer.html
GET /my-resource-server/my-protected-resource HTTP/1.1
Host: host.com
Authorization: Bearer ${RPT}
2 Use access token: https://github.com/keycloak/keycloak-quickstarts/blob/master/app-jee-html5/src/main/webapp/app.js
line 38
if (keycloak.authenticated) {
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
}
I'm confused about the difference between them. I don't know When I should use access token , and when I should use another one ?
I am looking forward to your reply.
thanks ,
yizhou
More information about the keycloak-user
mailing list