[keycloak-user] Help with non-browser authentization flow

Noah Silverman noah at helios.ai
Thu Feb 21 22:27:45 EST 2019


I'm building a REST based API for users to access things on our server.

The Keycloak browser based authentication workflow is great, and I'd like to offer something similar to someone writing a REST client.

1) POST your username and password to the Keycloak server
2) Receive a authorization_code back from Keycloak
3) Call OUR REST endpoint with the Keycloak authorization_code
4) Our software does a "back channel" call to Keycloak server to exchange the authorization_code for access token.
5) We then reply to the user with the JIT as a unique token for access our REST API

This is super easy using the browser to visit the Keycloak login page (the standard workflow covers steps 1-3 above). 
How can I configure Keycloak to allow the same flow without a browser?

Thank You!

-------------- next part --------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190222/67505ff9/attachment.bin 

More information about the keycloak-user mailing list