Im trying to get KeyCloak 11.0.2 working with a ASPnet Core test project.
KeyCloak 11.0.2 is running in a Docker container and the ASPnet is running from Visual Studio 2019 on my Windows 10 box
My understanding is that The consumer of the ASPNET Core WebAPI needs to get a token from keycloak 11.0.2 and then provide this to the ASPNET WebAPI to consume the webmethod(api/values).
If I try to visit the [localhost]:5001/api/values it will redirect me to [localhost]:5001/signin-oidc where it displays this exception :
OpenIdConnectProtocolException: Message contains error: 'invalid_request', error_description: 'Invalid scopes: openid profile email claims', error_uri: 'error_uri is null'.
I can also see this in the keycloak consol :
20:45:46,776 ERROR [org.keycloak.services] (default task-13) KC-SERVICES0093: Invalid parameter value for: scope
20:45:46,776 WARN [org.keycloak.events] (default task-13) type=LOGIN_ERROR, realmId=master, clientId=aspnetcore-keycloak, userId=null, ipAddress=x, error=invalid_request, response_type=code, redirect_uri=[localhost]:5001/signin-oidc, response_mode=form_post
I suspect that the problem is that Im not providing a access token to the webapi, the webapi will ask keycloak if it is valid, keycloak writes the error in its console and the webapi try to redirect me to a sign in page, right?
To get this working I first need to get a token from keycloak that is provided to the webapi. The question is how to do this?
I got Postman where I have created a request(GET) to [localhost]:5001/api/values. I have looked under Authorization > OAuth 2.0 > Get new Access Token but Im not sure what values I should add here got get the GET request to work.
Could you pleas help?