diff --git a/docbook/reference/en/en-US/modules/javascript-adapter.xml b/docbook/reference/en/en-US/modules/javascript-adapter.xml index b8ceafeaa4..c20856210c 100755 --- a/docbook/reference/en/en-US/modules/javascript-adapter.xml +++ b/docbook/reference/en/en-US/modules/javascript-adapter.xml @@ -1,17 +1,15 @@
- Pure Client Javascript Adapter + Javascript Adapter - The Keycloak Server comes with a Javascript library you can use to secure pure HTML/Javascript applications. This + The Keycloak Server comes with a Javascript library you can use to secure HTML/Javascript applications. This library is referencable directly from the keycloak server. You can also download the adapter from Keycloak's download site if you want a static copy of this library. It works in the same way as other application adapters except that your browser is driving the OAuth redirect protocol rather than the server. - The - disadvantage of using this approach is that you end up having a non-confidential, public client. This can be mitigated - by registering valid redirect URLs. You are still vulnerable if somebody hijacks the IP/DNS name of your pure - HTML/Javascript application though. + The disadvantage of using this approach is that you have a non-confidential, public client. This makes it more + important that you register valid redirect URLs and make sure your domain name is secured. To use this adapter, you must first configure an application (or client) through the Keycloak Admin Console. @@ -138,6 +136,21 @@ keycloak.updateToken(30).success(function() {
+
+ Older browsers + + + The JavaScript adapter depends on Base64 (window.btoa and window.atob) and HTML5 History API. If you need to + support browsers that don't provide those (for example IE9) you'll need to add polyfillers. Example polyfill + libraries: + + + Base64 - https://github.com/davidchambers/Base64.js + HTML5 History - https://github.com/devote/HTML5-History-API + + +
+
JavaScript Adapter reference