OIDC Newbie - Usage scenario

Hi folks,
I’m new to Keycloak and also to OIDC protocols.

I’ve successfully built a Spring Boot application with Keycloak, and I created one realm and one client there. I could also get a JWT for the client with client-secret.

However, this practice is client-based, and what I want to do is get a JWT for each user.

Suppose I have…

RealmA

  • ClientA: UserA, UserB…
  • ClientB: UserC, UserD…

Is there a way that I can get JWTs for UserA to UserD the OIDC way?
I’ve found it can be implemented in an ID-password-based way, though. Do I need to use the login way if I want to make it user-based, or is there any other way to fulfil it using OIDC?

Thanks

There is no direct link between the client and the user. This means that the user attempts to log in to an app related to a client that implements one of the OIDC standards (usually Authorization Code or Authorization Code + PKCE) with your IdP.

Therefore, based on your example, Users A, B, C, and D can log in to AppA (ClientA) or AppB (ClientB) without any issues.

In Spring Boot, you can easily use the spring-boot-starter-oauth2-client.

1 Like
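The setup suggested in the reply above, as an added example that is not part of the original thread: a Spring Boot app using spring-boot-starter-oauth2-client sends the user to Keycloak through the Authorization Code flow, so the tokens it receives belong to the logged-in user rather than to the client. The registration id `keycloak`, the `/me` endpoint, the class names and the placeholder host and secret are assumptions.

```java
// Added example (not from the thread). Assumed application.properties entries,
// with "keycloak" as a hypothetical registration id and placeholder host/secret:
//   spring.security.oauth2.client.registration.keycloak.client-id=ClientA
//   spring.security.oauth2.client.registration.keycloak.client-secret=<client-secret>
//   spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
//   spring.security.oauth2.client.registration.keycloak.scope=openid,profile
//   spring.security.oauth2.client.provider.keycloak.issuer-uri=https://<keycloak-host>/realms/RealmA
import java.util.Map;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@Configuration
class SecurityConfig {
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        // Unauthenticated requests are redirected to the Keycloak login page;
        // the app never sees the user's password.
        http.authorizeHttpRequests(a -> a.anyRequest().authenticated())
            .oauth2Login(Customizer.withDefaults());
        return http.build();
    }
}

@RestController
class WhoAmIController {
    // Returns selected claims of the logged-in user. The raw ID and access
    // tokens stay server-side instead of being echoed to the browser.
    @GetMapping("/me")
    Map<String, Object> me(@AuthenticationPrincipal OidcUser user,
            @RegisteredOAuth2AuthorizedClient("keycloak") OAuth2AuthorizedClient client) {
        return Map.of(
            "sub", user.getSubject(),
            "preferred_username", String.valueOf(user.getPreferredUsername()),
            "issuer", String.valueOf(user.getIssuer()),
            "access_token_expires_at", String.valueOf(client.getAccessToken().getExpiresAt()));
    }
}
```

When the app calls a downstream API on the user's behalf, `client.getAccessToken().getTokenValue()` supplies the user's access token for the `Authorization: Bearer` header.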

Thank you for your comment