[keycloak-user] Is there any public Keycloak endpoint to get a code?

Stian Thorgersen sthorger at redhat.com
Fri Mar 10 05:36:52 EST 2017


Securing apps and services guide - it's all explained in the OIDC section.

On 9 March 2017 at 20:06, Bernardo Pacheco <bernardo at zwift.com> wrote:

> In a newer KC version, when I call POST
> /realms/{realm-name}/protocol/openid-connect/token:
>
> 1 - Which body params should I send?
> 2 - Does this API return a code or an access token / refresh token?
>
> The older version has a /auth/realms/{realm-name}/tokens/grant/access API,
> but it is deprecated and I can't call it.
>
> Thanks Sebastien,
>
> On Thu, Mar 9, 2017 at 3:49 PM Sebastien Blanc <sblanc at redhat.com> wrote:
>
> > With Direct Grant Access enabled , you can use
> > /realms/{realm-name}/protocol/openid-connect/token but for older
> Keycloak
> > version I think it's something like
> > /auth/realms/aerogear/tokens/grants/access , it's a POST and the body
> > must form encoded
> >
> >
> > On Thu, Mar 9, 2017 at 7:32 PM, Bernardo Pacheco <bernardo at zwift.com>
> > wrote:
> >
> > Thanks Bruno, but these APIs are only for admin use. I'm looking for a
> OIDC
> > API where an user can submit his username/password to get a code.
> >
> > Regards,
> >
> > On Thu, Mar 9, 2017 at 2:26 PM Bruno Oliveira <bruno at abstractj.org>
> wrote:
> >
> > > Please look at the docs
> > > http://www.keycloak.org/docs-api/2.5/rest-api/index.html and upgrade
> if
> > > possible.
> > >
> > > On Thu, Mar 9, 2017 at 2:12 PM Bernardo Pacheco <bernardo at zwift.com>
> > > wrote:
> > >
> > > Hi everybody,
> > >
> > > I'm trying to find out if Keycloak has an endpoint where I can submit
> my
> > > username and password to get a code. Later with this code I could
> > exchange
> > > it for an access token.
> > >
> > > According to the Keycloak's documentation and taking a looking into the
> > > Keycloak source code, the only endpoint I found out is the following:
> > >
> > >
> > >
> > auth/realms/{realm-name}/protocol/openid-connect/auth?
> response_type=code&client_id={client_id}&redirect_uri={
> redirect_uri}&state={state}&login=true
> > >
> > > However, this endpoint returns a HTML page with a form where an user
> > could
> > > enter with username and password. The form action is:
> > >
> > > auth/realms/zwift/login-actions/request/login?code={code}
> > >
> > > The code parameter is generated by Keycloak when the HTML was processed
> > and
> > > served, so I cannot call this endpoint directly because I need this
> code
> > > parameter.
> > >
> > > My question is: in any Keycloak version, is there a public Keycloak
> > > endpoint where I can submit username and password to get a code that
> will
> > > be used to get a access token later via /token endpoint?
> > >
> > > Just a note, I'm using an old Keycloak version: v1.2.0-Final.
> > >
> > > Regards,
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> > > --
> > BERNARDO PACHECO
> >
> > *SOFTWARE ENGINEER at Zwift, Inc.*
> > bernardo at zwift.com <eric at zwift.com>
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list