我一直在尝试设置keycloak bearer-only client.Followed javascript adapter的keycloak文档中提到的步骤。 http工作正常。使用https,我得到了#34;访问被拒绝"。
下面是客户端中使用的keycloak.json。
{
"realm": "MyRealm",
"auth-server-url": "https://10.65.107.118:8043/auth",
"ssl-required": "none",
"resource": "edge",
"bearer-only": true,
"public-client": true,
"use-resource-role-mappings": true,
"confidential-port": 0
}
答案 0 :(得分:1)
解决方案是添加" realm-public-key"在keycloak.json。
可以从keycloak服务器找到realm-public-key的值。这将是领域设置,可以找到公钥并将其复制粘贴到keycloak.json中,供该领域的客户端应用程序使用。
{
"realm": "MyRealm",
"auth-server-url": "https://10.65.107.118:8043/auth",
"ssl-required": "none",
"resource": "edge",
"bearer-only": true,
"public-client": true,
"use-resource-role-mappings": true,
"confidential-port": 0,
"realm-public-key": "MIIBIjANBgkqh..."
}
希望这有助于某人!