Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Keycloak JAX-RS and Postman Authorization (Auth URL)

Tags:

token

oauth-2.0

jax-rs

postman

keycloak

I have resources with jax-rs and use keycloak I want to get the token with Postman

this is the database client for jax-rs (keycloak-quickstart)

{
  "realm": "demo",
  "bearer-only": true,
  "auth-server-url": "http://localhost:8080/auth",
  "ssl-required": "external",
  "resource": "database-service"
}

I created a client for Postman

{
  "realm": "demo",
  "auth-server-url": "http://localhost:8080/auth",
  "ssl-required": "external",
  "resource": "client-postman",
  "credentials": {
    "secret": "b53f32d3-e15b-474b-a88d-1f1cfa68c2dc"
  }
}

I chose the OAuth 2.0 type enter image description here

The url for the access token is

http://localhost:8080/auth/realms/demo/protocol/openid-connect/token

But I do not know what the auth url is enter image description here

like image 858
Pako Avatar asked Aug 23 '17 13:08

Pako

People also ask

How can I get access token from Keycloak in Postman?

Navigate to the Postman Authorization tab of your request. From the Type dropdown menu, select OAuth 2.0: Click on the Get New Access Token button that will open a dialog box for configuring the identity server (Keycloak in our case).

How do I add someone to Keycloak using postman?

To use these endpoints with Postman, we'll start by creating an Environment called “Keycloak.” Then we'll add some key/value entries for the Keycloak authorization server URL, the realm, OAuth 2.0 client id, and client password: Finally, we'll create a collection where we can organize our Keycloak tests.

How do I get authorization code for Keycloak?

in our frontend - send username and password to KC “token” endpoint and get an authorization code. pass this code to our Backend server. Backend send this code + secret to the KC to get a valid Access token (and refresh token) BE send the access token back to the FE.

1 Answers

with current version of Postman and keycloak 2.2.1.Final i've managed to setup OAuth 2.0

Postman setup for keycloak

Client Secret: not required but AFAIK you cane have it setup in client and then you have to provide it here

Auth Url: https://{KEYCLOAK}/auth/realms/{REALM}/protocol/openid-connect/auth

Token Url: https://{KEYCLOAK}/auth/realms/{REALM}/protocol/openid-connect/token

You can get those urls from https://{KEYCLOAK}/auth/realms/{REALM}/.well-known/openid-configuration

like image 176
dmnk_89 Avatar answered Sep 27 '22 19:09

dmnk_89
Sign in to Comment

Related questions

What's the difference between a Redirect url and a callback uri in openID Connect Oauth?
Method Illuminate\Auth\RequestGuard::logout does not exist Laravel Passport
Ruby on Rails: how to use OAuth2::AccessToken.post?
Retrieving date of birth with Google OAuth API
Android & OAUTH 2.0
Google OAuth 2 redirect_uri_mismatch - OmniAuth Rails app
What is the difference between using refresh token and Silent Authentication for SPA?
Identity Server 3 - The client application is not known or is not authorized
Retrieving state data with oidc-client
How to automatically refresh expired token with AFOAuth2Manager?
how to generate OAuth client identifier and client secret?
Override AccessTokenExpireTimeSpan
VK Oauth: Security Error
Do Facebook has a refresh token of OAuth?
Google OAuth 2 and state parameter values need to be registered in redirect url
Android - how to get google plus access token?
OAuth-2.0/JWT - guidance about when to use scope vs roles
Decrypt OAuth 2.0 access token
Box oauth2: Invalid grant_type parameter or parameter missing
Multiple IdentityServer Federation : Error Unable to unprotect the message.State

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!