Skip to content

Instantly share code, notes, and snippets.

@rac021
Created March 9, 2017 18:30
Show Gist options
  • Save rac021/623e4f4c87069acd0c38d952568f8a3d to your computer and use it in GitHub Desktop.
Save rac021/623e4f4c87069acd0c38d952568f8a3d to your computer and use it in GitHub Desktop.
## Obtain Token and Invoke Service
@gigaga
Copy link

gigaga commented Nov 23, 2017

Hi,

Can you explain how obtain an access_token for a specific identity provider ?
By this way, password is checked from internal Keycloak database. For example how indicate what idp I want use to check user/pass couple?

Thx

@TJarriault
Copy link

hi,
i've got the same question.
Can you explain how obtain an access_token for a specific identity provider ?

Regards,

@vayalaivadivel
Copy link

I am not able to find any rest api to validate the token.
Please anyone can help me on this.

Thanks,
Vadivel PM.

@IvanAR
Copy link

IvanAR commented Dec 11, 2017

Same here, I'm having problems on how to validate the token on destiny service

@fquiroz
Copy link

fquiroz commented Mar 13, 2018

it works , but in Postman app with the same parametes not working

@j0zeft
Copy link

j0zeft commented Jun 25, 2018

If I understand correctly, I think if you have the certificate installed on the application server (only the certificate without the private key), this should be enough to verify the signature on the JWT coming from the Identity provider (Keycloak)...

@divanshArora
Copy link

Worked well. Thanks for this

@runeksvendsen
Copy link

The token is verified/validated using the public key of the Keycloak server.

In Keycloak:

  1. Go to Realm Settings -> Keys and click the Public key button for the key with the highest priority
  2. A popup appears with long string of text (the public key)
  3. Copy/paste this public key
  4. In the backend: use a JWT library and provide it the public key to verify that the token is valid

@jbouder
Copy link

jbouder commented Jan 22, 2022

Have you by chance tried using the rest api within a web application to get a token? Particularly from something like a React app? No matter what I try I can’t seem to get it to work.

@MarcusBondezan
Copy link

Have you by chance tried using the rest api within a web application to get a token? Particularly from something like a React app? No matter what I try I can’t seem to get it to work.

@jbouder I'm having the same problem. I have a react app and I'm trying to use my own UI login screen and trying to call the keycloak rest endpoint that gives me the access token.

Have you find out how to do it properly?

@jbouder
Copy link

jbouder commented Mar 28, 2022

I did actually, the main issue I was experiencing actually was due to how I was posting my data, was using FormData, when it should actually be UrlSearchParams. Here is the gist of what I'm doing (might have to tweak a bit, i'm using a default axios instance, and for this code snipped I pulled some of that in for you)...
axios({ method: 'post', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, url: '${SSO_ISSUER_URL}/realms/${SSO_KEYCLOAK_REALM}/protocol/openid-connect/token', data: new URLSearchParams({ client_id: SSO_CLIENT_ID, grant_type: 'password', username: USERNAME, password: PASSWORD, })

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment