Hi
I’m a little confused about something.
we want to implement a proper OAuth flow on our website.
from all the guides I read i should do something like that:
- in our frontend - send username and password to KC “token” endpoint and get an authorization code
- pass this code to our Backend server
- Backend send this code + secret to the KC to get a valid Access token (and refresh token)
- BE send the access token back to the FE
- and from now on every request i want to send from the server i use the access token i get from the FE
Is it possible to implement this flow using the Admin Rest API?
cause I can’t see a way to do this
The best i found that i can use “auth/realms/myRealm/protocol/openid-connect/token” in order to get directly that Access token (by using “grant_type=password”)
Note that we don’t want to use KC login pages , rather use our own
thanks