rac021/KeyCloak-Rest-Token

Created March 9, 2017 18:30

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/rac021/623e4f4c87069acd0c38d952568f8a3d.js"></script>
Save rac021/623e4f4c87069acd0c38d952568f8a3d to your computer and use it in GitHub Desktop.

Download ZIP

Raw

KeyCloak-Rest-Token

## Obtain Token and Invoke Service

IvanAR commented Dec 11, 2017 •

edited

Same here, I'm having problems on how to validate the token on destiny service

fquiroz commented Mar 13, 2018

it works , but in Postman app with the same parametes not working

j0zeft commented Jun 25, 2018

If I understand correctly, I think if you have the certificate installed on the application server (only the certificate without the private key), this should be enough to verify the signature on the JWT coming from the Identity provider (Keycloak)...

divanshArora commented Mar 23, 2020

Worked well. Thanks for this

runeksvendsen commented Feb 22, 2021

The token is verified/validated using the public key of the Keycloak server.

In Keycloak:

Go to Realm Settings -> Keys and click the Public key button for the key with the highest priority
A popup appears with long string of text (the public key)
Copy/paste this public key
In the backend: use a JWT library and provide it the public key to verify that the token is valid

jbouder commented Jan 22, 2022 •

edited

Have you by chance tried using the rest api within a web application to get a token? Particularly from something like a React app? No matter what I try I can’t seem to get it to work.

MarcusBondezan commented Mar 28, 2022

Have you by chance tried using the rest api within a web application to get a token? Particularly from something like a React app? No matter what I try I can’t seem to get it to work.

@jbouder I'm having the same problem. I have a react app and I'm trying to use my own UI login screen and trying to call the keycloak rest endpoint that gives me the access token.

Have you find out how to do it properly?

jbouder commented Mar 28, 2022

I did actually, the main issue I was experiencing actually was due to how I was posting my data, was using FormData, when it should actually be UrlSearchParams. Here is the gist of what I'm doing (might have to tweak a bit, i'm using a default axios instance, and for this code snipped I pulled some of that in for you)...
axios({ method: 'post', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, url: '${SSO_ISSUER_URL}/realms/${SSO_KEYCLOAK_REALM}/protocol/openid-connect/token', data: new URLSearchParams({ client_id: SSO_CLIENT_ID, grant_type: 'password', username: USERNAME, password: PASSWORD, })

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment