I’m trying to connect a Qwik application to Keycloak. Qwik uses Auth.js. In Auth.js docs it has some default providers one of which is the Keycloak provider.
However, it says:
Create an openid-connect client in Keycloak with “confidential” as the “Access Type”.
I have spent some time trying to either find out the Access Type or some field that can have confidential as its value. I have not found any of them.
So, where are they? Or are they some synonyms for other words?
Hi @Nefcanto,
This means you need you have to generate a client secret. To do that, you have turn ON the Client authentication option. Then, you will find the Client secret in Clients > Client details > {your-client-name} > Credentials.
You use a confidential client when the app is able to securely store the client secret, usually in the backend. On the other hand, for SPA, you use a public public client.
Here is the RFC 6749 OAuth 2.0 Client Types reference: tools.ietf.org/html/rfc6749#section-2.1
Such a perfect answer. Thank you so much. And thanks for that link to the original RFC.