Login to Keycloak using API

I have 2 different applications: say Application1 and Application2.

  1. I have integrated Application2 with keycloak and I am able to login to this application using Keycloak's login page.

  2. Now what I want is, if I login to my Application1 (without keycloak), I should be able to call some API of keycloak to login to application2 (without rendering keycloak's login page).

Is it feasible? If yes, how?

Any help will be highly appreciated.

Thanks

Akhil Prajapati asked Jan 12 '18 06:01



1 Answer

You are effectively asking your users to trust that Application1 will manage their keycloak credentials securely. This is not recommended because

  1. Better security is achieved if the user is redirected to Keycloak to enter their credentials. In an ideal world no client application should be handling or have access to user credentials.
  2. It defeats the purpose of single sign-in, where a user should only need to enter their credentials for the first application they need to access (provided their session has not expired).

But if you control and can trust Application1 and need to do this due to legacy or other reasons then you can enable the Resource Owner Credentials Flow called "Direct Access" on the Keycloak Client Definition, and then POST the user's credentials as a form-urlencoded data type to

https://<keycloak-url>/auth/realms/<realm>/protocol/openid-connect/token 

The parameters will be

    grant_type=password
    client_id=<Application1's client id>
    client_secret=<the client secret>
    username=<the username>
    password=<the password>
    scope=<space delimited list of scope requests>

The response will be a valid JWT object or a 4xx error if the credentials are invalid.

shonky linux user answered Oct 21 '22 02:10
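The token request described in the answer, written out in Python as an added example (not code from the answer or from Keycloak). The base URL, realm, client and user values are placeholders; the JWT helper only decodes the payload for inspection and does not verify the signature, which a relying application must still do against the realm's public key.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request


def build_token_request(base_url, realm, client_id, client_secret,
                        username, password, scopes=("openid",)):
    """Return (url, form_body) for a Direct Access Grant (grant_type=password)."""
    # Endpoint path as given in the answer; base_url and realm are placeholders.
    url = f"{base_url.rstrip('/')}/auth/realms/{realm}/protocol/openid-connect/token"
    params = {
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
        "username": username,
        "password": password,
        "scope": " ".join(scopes),
    }
    # The token endpoint expects application/x-www-form-urlencoded, not JSON.
    return url, urllib.parse.urlencode(params).encode()


class TokenError(Exception):
    """Keycloak rejected the request with a 4xx and an OAuth error body."""


def request_token(url, body, timeout=10):
    """POST the form body and return the parsed token response (dict)."""
    req = urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as e:
        # A 4xx carries {"error": ..., "error_description": ...}; surface it.
        try:
            detail = json.load(e)
        except ValueError:
            detail = {"error": "http_error", "error_description": str(e)}
        msg = f"{e.code}: {detail.get('error')} - {detail.get('error_description')}"
        raise TokenError(msg) from e


def decode_jwt_claims(token):
    """Decode the JWT payload for inspection only; signature is NOT verified."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))
```

Inspect `exp` and `aud` from `decode_jwt_claims()` to confirm the token is scoped to Application2 before handing it over; treat any `TokenError` as an invalid-credentials event worth logging.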