1

I need to configure Keycloak to get a JWT token as in this blog post, but I have to do it with cUrl. They create a client and then update it setting access type to confidential, Direct Grant Flow to direct grant, and Browser Flow to browser. The PUT request from the web UI that does this has some uuids that they seem to have pulled out of nowhere. Here is the relevant part of the payload:

"authenticationFlowBindingOverrides":{"browser":"6d77c4c7-15cf-4474-9b9f-7439dbc83b83","direct_grant":"5cb10cdb-9902-4f7f-b9da-68f887c49a75"}

The docs for the ClientRepresentation are no help. They show all fields are optional, which doesn't make sense, and the authenticationFlowBindingOverrides is a Map, but the link in their docs for the Map is dead.

Does anyone know where they get the uuids for browser and direct_grant from?

There is also nothing in the PUT payload that sets the Access Type to confidential.

If anyone has a cUrl implementation of the UI steps in the blog post that would be greatly appreciated.

Improve this question
0

1 Answer 1

Reset to default
2

The PUT request from the web UI that does this has some uuids that they seem to pull out of nowhere.

Those uuids are generated by keycloak to get them you need to call the endpoint:

GET KEYCLOAK_HOST/auth/admin/realms/<YOUR_REALM>/authentication/flows

From the JSON response you need to parser it and get the field id of both the alias: "browser" and the alias: "direct grant".

After that call the endpoint:

PUT KEYCLOAK_HOST/auth/admin/realms/<YOUR_REALM>/clients/<YOUR_CLIENT_ID>

with the following payload:

'{"publicClient":false,"clientAuthenticatorType":"client-secret","authenticationFlowBindingOverrides":{"direct_grant":"<DIRECT_GRANT_ID>","browser":"<BROWSER_ID>"}}'

There is also nothing in the PUT payload that sets the Access Type to confidential.

You need to set the field publicClient to false.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.