Doing project with spring boot & keycloack. want to know how to make elementary sign-in & authorize Rest with Keycloak.
CodePudding user response:
You don't write sign-in. You just redirect users to Keycloak authorize endpoint (with a redirect URL parameter). Once the user logged-in on Keycloak, he'll be redirected back to client (at redirect URL) with an authorization-code to exchange for tokens (access and maybe refresh and ID tokens).
Do not write all that yourself, use an OIDC client library (angular-auth-oidc-client is a sample for Angular, just choose one for your client framework).
To authorize requests on REST API, you configure it as a resource-server. Tutorials there.