Menu
keycloak js version -> ^10.0.2
angular -> ^7.2.16
keycloak.json
{
"realm": "REALM",
"auth-server-url": "<auth-url>/auth/",
"ssl-required": "external",
"resource": "CLIENT_ID",
"verify-token-audience": true,
"credentials": {
"secret": "CLIENT_SECRET_KEY"
},
"use-resource-role-mappings": true,
"confidential-port": 0,
"policy-enforcer": {}
}
using in init like this
const keycloakAuth = Keycloak('keycloak.json');
keycloakAuth.init({ onLoad: 'login-required', checkLoginIframe: false })
when keycloak made this call <auth-url>/auth/realms/guavus/protocol/openid-connect/token than giving this error.
{"error":"unauthorized_client","error_description":"Client secret not provided in request"}
as per documentation removed credential support from javascript adapter
than what is the alternative of this and how to fix this error?
721
If this is an Angular Single Page Application (SPA), you should be using a public client (which will not use a client secret) per the Keycloak docs:
"One important thing to note about using client-side applications is that the client has to be a public client as there is no secure way to store client credentials in a client-side application." https://www.keycloak.org/docs/latest/securing_apps/#_javascript_adapter
128
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
