[keycloak-user] Combining transparent and opaque tokens
Omri Tavor
omri.tavor at forcepoint.com
Mon Mar 19 03:34:14 EDT 2018
Hi,
A quick newbie question.
My application has multiple backend services and a few public gateways for public APIs.
I need all of my services to have the full user information (name, roles etc) but I don't want each of the backend services sending requests to the Keycloak server in order to get this information (this would greatly impact performance and force the application to be fully synchronous). Can I use opaque tokens for my public API (both backend calls and user calls) and then having a transparent token as the request goes through my backed services? In other words, I want to verify the user and get its information only on the initial request and then having all of the user data embedded in a token as it travels through the backend services. This token should have to be refreshed after some time. Can I do that?
Thanks,
Omri.
More information about the keycloak-user
mailing list