libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Short verification_uri for Device Authorization Request

Browse source
This commit is contained in:
Konstantinos Georgilakis 2023-01-17 10:33:55 +02:00 committed by Marek Posolda
parent 4e2ed62464
commit 82099ce7f3
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
server_admin/topics/sso-protocols/con-oidc-auth-flows.adoc
View file

@ -77,7 +77,7 @@ See the <<_service_accounts,Service Accounts>> chapter for more information.
This is used by clients running on internet-connected devices that have limited input capabilities or lack a suitable browser. Here's a brief summary of the protocol:
. The application requests {project_name} a device code and a user code. {project_name} creates a device code and a user code. {project_name} returns a response including the device code and the user code to the application.
. The application provides the user with the user code and the verification URI. The user accesses a verification URI to be authenticated by using another browser.
. The application provides the user with the user code and the verification URI. The user accesses a verification URI to be authenticated by using another browser. You could define a short verification_uri that will be redirected to Keycloak verification URI (/realms/realm_name/device)outside Keycloak - fe in a proxy.
. The application repeatedly polls {project_name} to find out if the user completed the user authorization. If user authentication is complete, the application exchanges the device code for an _identity_, _access_ and _refresh_ token.
[[_client_initiated_backchannel_authentication_grant]]