Hi,
I’m trying to set up a demo application for “how not to do oauth/oidc”.
It’s a react application with keycloak-js
. Is it possible to force it to act as a confidential client?
Are there some parameters I can pass to keycloak.init
?
I now that a SPA can not keep secrets, this is only a bad example to help understand oidc
Thanks
Benjamin