[keycloak-user] Access token customization per client
Dmitry Telegin
demetrio at carretti.pro
Wed Jun 19 07:24:42 EDT 2019
Hello Fabrice,
Just wondering if you want this feature to minimize token size, or rather for security purposes? If latter, just FYI, there's an ongoing effort to implement encrypted tokens [1].
At the moment, there are plans to do encrypted ID tokens only, but you can approach Takashi and Marek and discuss if that could be applied to access tokens too.
[1] https://github.com/keycloak/keycloak/pull/5779
Good luck,
Dmitry Telegin
Carretti Consulting OÜ | Keycloak Consulting and Training
Sepapaja 6, Tallinn 15551, Estonia | info at carretti.pro
On Wed, 2019-06-19 at 08:00 +0000, GESLIN Fabrice wrote:
> Hi,
>
> Is there a way to customize the content of the access token that is delivered to client applications ?
>
> This question is an attempt to revive this old thread: https://lists.jboss.org/pipermail/keycloak-user/2016-February/004784.html .
>
> The idea is to deliver basic JWT access tokens to public clients.
> This token can be exchanged later on at the resource server level with a full-fledged JWT.
>
> Regards,
>
> Fabrice Geslin
>
> Groupe La Poste
>
> Post-scriptum La Poste
>
> Ce message est confidentiel. Sous reserve de tout accord conclu par
> ecrit entre vous et La Poste, son contenu ne represente en aucun cas un engagement de la part de La Poste. Toute publication, utilisation ou diffusion, meme partielle, doit etre autorisee prealablement. Si vous n'etes pas destinataire de ce message, merci d'en avertir immediatement
> l'expediteur.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list