[keycloak-user] Access Token And PRT(request party token), which one should I use to access the resource protected by keycloak
Pedro Igor Silva
psilva at redhat.com
Mon Apr 17 07:22:47 EDT 2017
Hi,
If your resources are protected with a policy enforcer you should send a
RPT. This token is pretty much an access token with an additional claim
holding the permissions.
Regards.
Pedro Igor
On Mon, Apr 17, 2017 at 6:08 AM, Yizhou Jiang(Yizhou) <
yizhoujiang at hengtiansoft.com> wrote:
> Hi,
> By reading the document of KeyCloak ,I found that I can use
> a Access-token or a PRT(request party token) to access the resources
> protected by keycloak.
>
> 1 Use PRT: https://keycloak.gitbooks.io/documentation/authorization_
> services/topics/enforcer/keycloak-enforcement-bearer.html
>
> GET /my-resource-server/my-protected-resource HTTP/1.1
> Host: host.com
> Authorization: Bearer ${RPT}
>
> 2 Use access token: https://github.com/keycloak/
> keycloak-quickstarts/blob/master/app-jee-html5/src/main/webapp/app.js
>
> line 38
>
> if (keycloak.authenticated) {
> req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
> }
>
> I'm confused about the difference between them. I don't know When
> I should use access token , and when I should use another one ?
> I am looking forward to your reply.
>
> thanks ,
> yizhou
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list