[keycloak-user] Implicit flow between two (or more) keycloak instances
Dmitry Telegin
dt at acutus.pro
Mon Aug 6 08:52:23 EDT 2018
Hi Yann,
Is there no connectivity between Keycloaks at all, or is it only one-way? A diagram would be helpful I think.
Which adapter do you use? Could you try enabling *both* Standard and Implicit flows for the client? This will result in an access token returned as a "code" query parameter in response to "response_type=code".
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
On Tue, 2018-07-31 at 08:26 +0000, Yann Jouanin wrote:
> Hello community,
>
> Has anybody a clue on this topic?
>
> Best regards,
>
> Yann
> >
> > I am currently trying to use implicit flow between two keycloak instances.
> > My setup is :
> > We have one keycloak used in our cloud and one on customer premise,
> > federating the customer's ldap.
> >
> > Because there is no network connectivity between both the keycloak
> > instances I want to use the implicit flow so the customer access our service
> > in cloud, get redirected to our keycloak instance for login and then has the
> > option to use its on premise instance configured as a OIDC identity provider.
> > The setup work in a lab with standard flow, but with implicit flow, I get an
> > error message "Standard flow is disabled for the client"
> >
> > Is implicit flow usable in this case?
> >
> > Best regards,
> > Yann Jouanin
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list