[keycloak-user] Client (App) - Keycloak (Server) binding
Dmitry Telegin
dt at acutus.pro
Mon Jul 30 23:27:21 EDT 2018

Hi Leandro,

So basically you're shipping an application pre-configured to use your
Keycloak, and you want to prohibit users from changing this to another
server?

What type of application is it? Off the top of my head, you can use
server certificate verification on the adapter side. Not sure however
if it's available OOTB. But you're right: the user might replace server
name and certificate, so I'm afraid there's no 100% bulletproof solution here.

Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

On Thu, 2018-07-26 at 11:58 +0200, Leandro Rebosio wrote:
> Hey there, I didn't find any documentation about this particular topic, let
> me explain a bit. How can I bind my application to a Keycloak server
> instance and be sure that this binding is immutable?
> I know about certs and public key but if someone changes the key on my app
> it would be able to use a different Keycloak instance to authenticate,
> isn't it?
>
> Thanks for your clarification and I apologize if this is not the right way
> to use the mailing list.
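
An added illustration of the adapter-side check suggested in the reply and of the limit both messages point out; it is not code from either poster or from Keycloak. The host name, realm, certificate bytes and all function names are constructed assumptions.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed values for illustration; none of them come from the thread.
PINNED_URL = "https://sso.example.test/auth"   # hypothetical auth-server-url
PINNED_REALM = "demo"                          # hypothetical realm
# Stand-in bytes. A real client would take the DER certificate from the TLS
# connection, e.g. ssl.SSLSocket.getpeercert(binary_form=True).
SAMPLE_CERT_DER = b"constructed stand-in for the server's DER certificate"


def pin_for(cert_der: bytes) -> str:
    """SHA-256 fingerprint (hex) of a DER-encoded certificate."""
    return hashlib.sha256(cert_der).hexdigest()


PINNED_SHA256 = pin_for(SAMPLE_CERT_DER)


def cert_matches_pin(cert_der: bytes, pinned_sha256_hex: str) -> bool:
    """Compare the presented certificate with the pin shipped in the app."""
    return hmac.compare_digest(pin_for(cert_der), pinned_sha256_hex.lower())


def issuer_matches(token_iss: str, base_url: str, realm: str) -> bool:
    """Keycloak tokens carry iss = <auth-server-url>/realms/<realm>."""
    expected = urlsplit(f"{base_url.rstrip('/')}/realms/{realm}")
    got = urlsplit(token_iss)
    return (got.scheme, got.netloc.lower(), got.path.rstrip("/")) == (
        "https", expected.netloc.lower(), expected.path)


def server_is_bound(cert_der, token_iss, url=PINNED_URL,
                    realm=PINNED_REALM, pin=PINNED_SHA256) -> bool:
    """Accept only the pinned server certificate and the pinned issuer."""
    return (cert_matches_pin(cert_der, pin)
            and issuer_matches(token_iss, url, realm))


if __name__ == "__main__":
    good_iss = f"{PINNED_URL}/realms/{PINNED_REALM}"
    print("pinned server:", server_is_bound(SAMPLE_CERT_DER, good_iss))
    print("other cert:   ", server_is_bound(b"some other cert", good_iss))
    # The limit raised in the thread: url and pin live in the shipped app, so
    # whoever can edit both makes the same check pass for another server.
    other = b"certificate of a different server"
    print("edited config:", server_is_bound(
        other, "https://other.example.test/auth/realms/demo",
        url="https://other.example.test/auth", pin=pin_for(other)))
```

The check only binds the client as long as the pinned values themselves cannot be modified; it does not remove that dependency.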