[keycloak-user] Fwd: keycloak authorization code flow id_token missing

lucie lucas xiaoning.sunx at gmail.com
Sun Feb 18 13:33:54 EST 2018 

Sorry, I didn't forward for everyone

And another thing: do you think it's a bug of keycloak (version 3.4.3), if
yes, how could I report this bug ?
Thanks a lot


---------- Forwarded message ----------
From: lucie lucas <xiaoning.sunx at gmail.com>
Date: 2018-02-18 12:15 GMT+01:00
Subject: Re: [keycloak-user] keycloak authorization code flow id_token
missing
To: valsaraj pv <valsarajpv at gmail.com>


And another thing: do you think it's a bug of keycloak (version 3.4.3), if
yes, how could I report this bug ?
Thanks a lot
Xiaoning

2018-02-18 12:09 GMT+01:00 lucie lucas <xiaoning.sunx at gmail.com>:

> Hi,
> Thank you for your response, but in my case, I can't use implicit or
> hybrid flow because of security problem. And for information, I want use
> keycloak just as Identify provider, and I've an authorization server. I
> don't know if it works, so I want to do tests with postman to be sure.
>
> Have you had the similar situation?
>
> Thanks in advance
> Have a nice day
> Xiaoning
>
> 2018-02-18 6:49 GMT+01:00 valsaraj pv <valsarajpv at gmail.com>:
>
>> Hi,
>>
>> Can you check implicit ir hybrid flow instead of cide flow?
>>
>> Thanks!
>>
>>
>> On 18-Feb-2018 3:15 AM, "lucie lucas" <xiaoning.sunx at gmail.com> wrote:
>>
>>  Hi,
>>
>> I'm a new dev for the field of OpenID Connect. I want to do a test about
>> the authorization code flow with keycloak.
>>
>> So, I just clarify what I did
>>
>>    1. installation the standalone version (keycloak) with configuration
>>    admin console
>>    2. create a client app as client (protocole openid-connect), select
>>    standard flow enabled,
>>    3. from browser: I use url like : http://localhost:8080/auth/
>>    realms/master/protocol/openid-connect/auth?client_id={
>>    client_id}&response_type=code
>>    <http://localhost:8080/auth/realms/master/protocol/openid-c
>> onnect/auth?client_id=%7Bclient_id%7D&response_type=code>
>>    4. the request redirect to{redirect_uri} with *code* and *sessionstate*
>>    5. with postman, I filled the information as below:
>>
>> POST  http://localhost:8080/auth/realms/master/protocol/openid-con
>> nect/token
>> body :
>> client_id, client_secret,grant_type(authorization_code), scope(openid),
>> response_type(id_token%20token), redirect_uri, state (copy from 5th step
>> url), code (copy from 5th step url)
>>
>> *BUT* there are only access token, refresh token in the response, there is
>> no id_token which I waited for.
>>
>> Could you tell me what's wrong ? or keycloak support only access token? (I
>> don't think so, because when I test about Grant Access Flow, there's
>> id_token)
>>
>> I looked for this information 2 weeks ago, until now, I've no solution.
>>
>> Thank you for your feedbacks
>>
>> Xiaoning
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>

More information about the keycloak-user mailing list