Client Initiated Account Linking for Mobile Applications

Greetings, I have been testing the request to initiate account linking to a social IdP (like it is mentioned here Server Developer Guide) but I’m using the keycloak token endpoint to login (https://[keycloak-host]/auth/realms/[realm]/protocol/openid-connect/token with password grant type), and later delivering the asked parameters for the client initated account linking endpoint (like nonce, hash, etc. like it’s suggested), but when I only use the token endpoint to login it doesn’t work because it seems like the client initated account linking endpoint uses cache or cookies from a browser (the generated url works when logged using a browser)

So, my question is, how should I approach this use case on a mobile app that uses the token endpoint of keycloak with password grant to login?

1 Like