[keycloak-user] obtaining token for CLI when using identity brokering

Tim Dudgeon tdudgeon.ml at gmail.com
Fri Apr 5 06:56:12 EDT 2019


My scenario:

1. My keycloak realm is set up to mange users with identity brokering 
(e.g. they login through GitHub etc.)
2. I have public client in that realm that has REST API that requires 
access to be authenticated
3. I want to access that API using curl or other CLI tool so need to 
provide an access token.

If my users were added to Keycloak directly I could get that token like 
this:

curl --data 
"grant_type=password&client_id=myclientid&username=user1&password=user1" 
https://<server:port>/auth/realms/realmname/protocol/openid-connect/token

But this will not work when using identity brokering.
So I was a assuming the user could login to keycloak with a browser and 
then find a token there and copy it.
But if I login as a user at this URL 
https://<server:port>/auth/realms/realmname/account I get logged in 
using the identity broker but I can't find a token anywhere.

How do I manage this?

Tim



More information about the keycloak-user mailing list