 

Keycloak Direct Access Grant not valid at keycloak userinfo endpoint

Tags: jwt, keycloak

I am trying to write tests for an API that uses Keycloak for authorization.

I can programmatically log in to Keycloak from the test script using grant_type password, and Keycloak responds with a token.

When the API tries to verify that token using the Keycloak userinfo endpoint, I get a 403 Token Authorization Error.

The same API validation function works fine for the same user if I log in to Keycloak manually through the web client. I have checked the API middleware and it receives the same token as was generated by Keycloak.

PrestonDocks asked Oct 20 '25 13:10


1 Answer

If someone is getting:

{
    "error": "unauthorized_client",
    "error_description": "Client not allowed for direct access grants"
}

when trying to get the token, you need to enable direct access grant for your client:

[1]: https://i.sstatic.net/m3WOD.png

Vigan Dika answered Oct 22 '25 03:10
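A test-side helper for the situation in this thread, added here as an example (it is not code from the question or the answer): it builds the `grant_type=password` request, turns the `unauthorized_client` response quoted above into an actionable error, and diffs the claims of a browser-login token against a direct-grant token, which is the quickest way to see how the two differ before one is sent to the userinfo endpoint. All function names, the host `kc.example.test`, the client ids and the sample claim values are assumptions made for the example.

```python
import base64
import json

def token_request(base_url, realm, client_id, username, password):
    """Build (url, form) for a direct access (grant_type=password) token request.
    base_url must include any path prefix your Keycloak deployment uses."""
    url = f"{base_url}/realms/{realm}/protocol/openid-connect/token"
    return url, {"grant_type": "password", "client_id": client_id,
                 "username": username, "password": password}

def parse_token_response(status, body):
    """Return the access token, or raise with a hint for the error quoted above."""
    data = json.loads(body)
    if status == 200 and "access_token" in data:
        return data["access_token"]
    err, desc = data.get("error"), data.get("error_description", "")
    if err == "unauthorized_client" and "direct access grants" in desc.lower():
        raise PermissionError("direct access grants are disabled for this client")
    raise RuntimeError(f"token request failed ({status}): {err}: {desc}")

def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def claim_diff(token_a, token_b, keys=("iss", "azp", "aud", "scope", "typ")):
    """Map each listed claim that differs to its (token_a, token_b) values."""
    a, b = jwt_claims(token_a), jwt_claims(token_b)
    return {k: (a.get(k), b.get(k)) for k in keys if a.get(k) != b.get(k)}

def fake_jwt(claims):
    """Constructed, unsigned sample token for the offline demo below."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    # Constructed sample data: claim values and the 400 status are illustrative.
    iss = "https://kc.example.test/realms/demo"
    web = fake_jwt({"iss": iss, "azp": "web-client", "scope": "openid profile"})
    cli = fake_jwt({"iss": iss, "azp": "test-client", "scope": "profile"})
    print(claim_diff(web, cli))
    denied = ('{"error": "unauthorized_client", '
              '"error_description": "Client not allowed for direct access grants"}')
    try:
        parse_token_response(400, denied)
    except PermissionError as exc:
        print("hint:", exc)
```

`jwt_claims` is for inspecting tokens in a test run only; the API itself must keep validating tokens through Keycloak or by verifying the signature.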


