2016-06-01 11:02:44 +00:00
== Other OpenID Connect libraries
2016-04-18 19:10:32 +00:00
2016-06-01 11:02:44 +00:00
OAuth2 https://tools.ietf.org/html/rfc6749
OpenID Connect http://openid.net/connect/
2016-04-18 19:10:32 +00:00
2016-06-01 11:02:44 +00:00
=== Endpoints
TODO
=== Flows
==== Authorization Grant
==== Implicit
2016-06-03 10:35:36 +00:00
[[_resource_owner_password_credentials_flow]]
2016-06-01 11:02:44 +00:00
==== Resource Owner Password Credentials
==== Client Credentials
=== Redirect URIs
Keycloak provides two special redirect uris for installed applications.
2016-04-18 19:10:32 +00:00
[[_installed_applications_url]]
2016-06-01 11:02:44 +00:00
==== Installed Applications url
2016-04-18 19:10:32 +00:00
2016-06-01 11:02:44 +00:00
http://localhost
2016-04-18 19:10:32 +00:00
This returns the code to a web server on the client as a query parameter.
Any port number is allowed.
2016-06-01 11:02:44 +00:00
This makes it possible to start a web server for the installed application on any free port number without requiring changes in the `Admin Console`.
2016-04-18 19:10:32 +00:00
[[_installed_applications_urn]]
2016-06-01 11:02:44 +00:00
==== Installed Applications urn
2016-04-18 19:10:32 +00:00
2016-06-01 11:02:44 +00:00
`urn:ietf:wg:oauth:2.0:oob`
2016-04-18 19:10:32 +00:00
If its not possible to start a web server in the client (or a browser is not available) it is possible to use the special `urn:ietf:wg:oauth:2.0:oob` redirect uri.
When this redirect uri is used Keycloak displays a page with the code in the title and in a box on the page.
The application can either detect that the browser title has changed, or the user can copy/paste the code manually to the application.
2016-06-01 11:02:44 +00:00
With this redirect uri it is also possible for a user to use a different device to obtain a code to paste back to the application.
=== Session Management
=== Dynamic Client Registration
