Menu
we are working on a student project. Our goal is to achieve that a user can authorize with a x509 certificate via Keycloak.
Actually, we cannot continue with receiving the authorization code in order to exchange it for a token request. Basically, we send an authorization code request and receive the authorization code by an URL parameter. But we would prefer to receive the authorization code in a JSON format. The access type of the Client is set to public.
Can someone help us please. Thank you.
711
The authorization code flow is given in the url because it is meant to survive a redirection to the keycloak login page. You access the keycloak login page using a client id and a redirect url to your application. Once the login is successful, the keycloak server redirects to your app again, providing the authorization code appended in the url itself. Then your app sends this code in order to get a token set, which is the one actually given in JSON format.
It's not possible to get the authorization code from a REST endpoint, because it is meant to follow a web browser flow. You could still use the direct access grant in order to log in the users directly with their credentials and obtain the token set. That is however considered to be a bit weaker.
See also:
191
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
