We have some APIs that we'd like to allow a specific backend service we'd like Keycloak to work with. We have it working with regular users with the traditional username/password type login. As you can imagine, we don't want to have a password based system, but ideally some sort of long key we can weld into the calling app to start the authentication process. If it helps to know, I'd like this to be a stateless JWT solution (eventually anyway). Yes, I've seen the documentation, but I don't know where this is talked about. Can someone send me a good link.
Asked
Active
Viewed 505 times
1 Answers
1
Client Credentials Flow in OAuth 2.0 for backend service.
This is good overview of OAuth Flow
Diagrams And Movies Of All The OAuth 2.0 Flows
How to call Client Credentials in Keycloak
What is a PAT and how to obtain it
API format
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-d 'grant_type=client_credentials&client_id=${client_id}&client_secret=${client_secret}' \
"http://localhost:8080/realms/${realm_name}/protocol/openid-connect/token"

Bench Vue
- 5,257
- 2
- 10
- 14