[keycloak-user] Signed JWT and Policy Enforcement
Hübner, Bettina
Bettina.Huebner at kvbawue.de
Tue Apr 25 07:13:51 EDT 2017
Hi,
we use the Keycloak Spring Security Adapter and fine-grained authorization settings for a Spring Boot App and it works fine. I now tried to use signed JWT for client authentication instead of client secret but get an error message ("Client Secret not provided") when starting our app. It seems the AuthzClient expects to find a “secret”-entry in the keycloak.json. If I remove the policy enforcer claim, there is no error.
Can anyone help?
Thanks
Bettina
More information about the keycloak-user
mailing list