[keycloak-user] keycloak-gatekeeper bearer-only
Eric Boyd Ramirez
eric.ramirez.sv at gmail.com
Wed Oct 31 17:49:41 EDT 2018
Dear All,
I am trying to test Keycloak-gatekeeper, have read the docs I could find (keaycloak-proxy as well) but I still have a few questions:
1- I am trying to secure a number of REST APIs, configured behind bearer-only clients. I think I need to first get a access token trough a confidential client using a 'grant-type=password' request and then do a second request to the REST client resource. Is this the right approach, how would I implement this using Keycloak-Gatekeeper?.
2- Keycloak-Gatekeeper uses uri->methods->roles to manage resource access. Is there a way to use Keycloak's authorization settings to manage access to a client's resource (i.e. policies, permissions, uma-ticket, etc.)?
3- How do I set up multiple clients, do I have to run and configure separate instances of Keycloak-Gatekeeper?
Thanks in advance for your time and help.
Regards,
More information about the keycloak-user
mailing list