We have implemented a custom rest end point based on https://www.keycloak.org/docs/latest/server_development/#_extensions and as per the source code here https://github.com/keycloak/keycloak/tree/master/examples/providers/rest …but we want to secure the resources making sure that only certain client applications could access this end point …
since this creates a jar and not war we probably can’t use keycloak.json …is there any way like keycloak.json that would help us to secure the resources through configuration than code ?
for spring boot using keycloak adapter we specify configuration on which resources to be secured like this
keycloak.auth-server-url=http://localhost:8180/auth
keycloak.realm=SpringBootKeycloak
**keycloak.resource=login-app**
keycloak.public-client=true
We would like to do the same for rest service created by extending RealmResourceProvider SPI …Fairly new to Keycloak any help from the community in pointing us in the right direction would be great