Table of Contents
Starts the Keycloak server in the background and exposes the server on port 9191 on the host machine;
docker run -p 9191:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:10.0.2Go to the Keycloak Admin Console and login with the username and password you created earlier (admin/admin).
To verify that Keycloak container is running execute docker ps. The container status should be UP:
The following script configures a new realm, users and clients in Keycloak (see realm-configuration.json file):
|
Note
|
Set directAccessGrantsEnabled to true gives the client direct access to the user credentials and enables it to exchange them for access token. This is the equivalent of OAuth2 Password Grant flow
|
|
Note
|
Set serviceAccountsEnabled to true allows the client use direct credentials and enables it to exchange them for access token. This is the equivalent of OAuth2 Client Credentials flow
|
sh realm-configuration.shGrant Type: client_credentials
curl -s -X POST -u "app-android:app-android123" -d "grant_type=client_credentials" localhost:9191/auth/realms/my-realm/protocol/openid-connect/tokenGrant Type: password
curl -s -X POST 'localhost:9191/auth/realms/my-realm/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=app-android' \
--data-urlencode 'client_secret=app-android123' \
--data-urlencode 'username=jane-doe' \
--data-urlencode 'password=jane-doe123'…and let’s decode the access_token JWT token issued for jane-doe using https://jwt.io.
keycloak.postman_collection.json file, just download Postman and import the collection file