Use node application as client

Hello,

I have 3 applications: a backend server, a web client and a node.js bot application that will also serve as a client. I don’t have any issue authenticating the web client using keycloak’s js adapter, but I am not sure how to authenticate the node.js bot application as a client. The keycloak-js adapter seems to be designed for browsers and keycloak-nodejs-connect seems to be designed for server applications (I couldn’t see any methods in the source code for logging in). Also, documentation for these 2 packages literally does not exist. Their npm packages show keycloak’s documentation, but that’s general documentation about keycloak, not the modules’.

All in all how can I authenticate my node.js app (that will serve as client not server) using client credentials grant?

https://alexbilbie.com/guide-to-oauth-2-grants/

Client credentials grant (section 4.4)

The simplest of all of the OAuth 2.0 grants, this grant is suitable for machine-to-machine authentication where a specific user’s permission to access data is not required.

The Flow

The client sends a POST request with following body parameters to the authorization server:

  • grant_type with the value client_credentials
  • client_id with the client’s ID
  • client_secret with the client’s secret
  • scope with a space-delimited list of requested scope permissions.

The authorization server will respond with a JSON object containing the following properties:

  • token_type with the value Bearer
  • expires_in with an integer representing the TTL of the access token
  • access_token the access token itself

You need the token endpoint /auth/realms/REALM/protocol/openid-connect/token
Client Settings:
Access Type = confidential
Service Accounts Enabled = ON


You are a life saver, man, thanks :) And I suppose after the initial request I’ll just start a cron job that’ll request a new token, where expires_in is used as the interval.
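
The client credentials request from the answer above, with the token cached and renewed shortly before expires_in elapses instead of on a fixed timer, as an added example that is not from this thread or from Keycloak's adapters. The host, client ID, environment variable and helper names are assumptions; fetch is the one built into Node 18+.

```javascript
// Added example; host, realm, client ID and helper names are assumptions.
const cfg = {
  baseUrl: 'https://keycloak.example.com', // placeholder host
  realm: 'REALM',
  clientId: 'bot-client',                  // confidential client, service accounts ON
  clientSecret: process.env.KC_CLIENT_SECRET, // keep the secret out of source
};

// POST body for /auth/realms/REALM/protocol/openid-connect/token
function buildTokenRequest(c, scope) {
  const body = new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: c.clientId,
    client_secret: c.clientSecret,
  });
  if (scope) body.set('scope', scope);
  const realm = encodeURIComponent(c.realm);
  return {
    url: `${c.baseUrl}/auth/realms/${realm}/protocol/openid-connect/token`,
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    },
  };
}

// Check the response shape and turn expires_in into an absolute renewal time,
// skewSec early so the token is never used right at its expiry.
function parseTokenResponse(json, nowMs, skewSec = 30) {
  if (!json || typeof json.access_token !== 'string') throw new Error('no access_token');
  if (String(json.token_type).toLowerCase() !== 'bearer') throw new Error('unexpected token_type');
  const ttl = Number(json.expires_in);
  if (!Number.isFinite(ttl) || ttl <= 0) throw new Error('bad expires_in');
  return { token: json.access_token, renewAtMs: nowMs + Math.max(ttl - skewSec, 1) * 1000 };
}

// getToken() fetches on first use and again only once renewAtMs has passed.
function createTokenProvider(c, fetchImpl = fetch, now = Date.now) {
  let cached = null;
  return async function getToken() {
    if (cached && now() < cached.renewAtMs) return cached.token;
    const { url, init } = buildTokenRequest(c);
    const res = await fetchImpl(url, init);
    if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
    cached = parseTokenResponse(await res.json(), now());
    return cached.token;
  };
}
// Usage: const getToken = createTokenProvider(cfg); then send `Bearer ${await getToken()}`
```

Calling getToken() before each backend request replaces the cron job: a failed renewal surfaces as an error on the next call, and the token is never reused past its lifetime.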