[keycloak-user] Client side token verification
Rudolf Jurišić
rudolf.jurisic at degordian.com
Sun Mar 4 15:53:23 EST 2018
Can the verification of jwt token be done on the client side, assuming the
client has the (same) secret that the server uses to sign the tokens?
Is this a good idea?
Or is it necessary to ask the server?
My components:
1. Web app - resource consumer
2. Resource server - Keycloak registered client, REST API, bearer-only
3. Keycloak - authorization server
Thanks
More information about the keycloak-user
mailing list