[keycloak-user] How should my application users get a token to directly access my API?

Geoffrey Cleaves geoff at opticks.io
Sat Nov 3 19:56:08 EDT 2018


Let's say that in addition to letting my end users access my REST API via
the single page web app, I also want to let the end users access the REST
API in a machine-to-machine fashion. So that, for example, the end user
could run a report every night automatically via cron/curl instead of
generating the report via the front end SPA.

My SPA gets tokens using keycloak.js and the Authorization Code Flow. But I
don't think this is appropriate for the scenario above. Curl can't be
entering a username/password into Keycloak's login page when a session
expires. Are my end users to use the Resource Owner Password Credentials
Grant? If so, which clientid/secret should be used?

Thanks for shedding light on this.

Geoff

