libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

added variables for external URLs

Browse source
This commit is contained in:
Jen Malloy 2016-12-08 11:05:22 -05:00
parent cb1284b4e3
commit 857cb2a30b
4 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
book-product.json
View file

@ -22,7 +22,7 @@
"images": "rhsso-images",
"adminguide": {
"name": "Server Administration Guide",
"link": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-Beta/server-administration-guide/"
"link": "/single/server-administration-guide/"
},
"fuseVersion": "JBoss Fuse 6.3.0 Rollup 1"
}

4
topics/client-registration.adoc
View file

@ -24,13 +24,13 @@ There is an alternative to register new client without any token as well, but th
==== Bearer Token
The bearer token can be issued on behalf of a user or a Service Account. The following permissions are required to invoke the endpoints (see link:{{book.adminguide.link}}[{{book.adminguide.name}}] for more details):
The bearer token can be issued on behalf of a user or a Service Account. The following permissions are required to invoke the endpoints (see link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}] for more details):
* create-client or manage-client - To create clients
* view-client or manage-client - To view clients
* manage-client - To update or delete client
If you are using a bearer token to create clients it's recommend to use a token from a Service Account with only the `create-client` role (see link:{{book.adminguide.link}}[{{book.adminguide.name}}] for more details).
If you are using a bearer token to create clients it's recommend to use a token from a Service Account with only the `create-client` role (see link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}] for more details).
==== Initial Access Token

2
topics/oidc/java/client-authentication.adoc
View file

@ -39,7 +39,7 @@ will download new keys when it sees the token signed by unknown `kid` (Key ID).
** Upload the client's public key or certificate - either in PEM format, in JWK format or from keystore. With this option, public key is hardcoded and
needs to be changed anytime when client generates new keypair.
You can even generate your own keystore from {{book.project.name}} admin console if you don't have your own ready.
See {{book.adminguide.link}}[{{book.adminguide.name}}] for more details of setup in {{book.project.name}} admin console.
See {{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}] for more details of setup in {{book.project.name}} admin console.
For setup on adapter's side you need to have something like this in your `keycloak.json` file:

2
topics/oidc/java/params_forwarding.adoc
View file

@ -29,4 +29,4 @@ The supported parameters are:
Most of the parameters are described in the http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint[OIDC specification].
The only exception is parameter `kc_idp_hint`, which is specific to {{book.project.name}} and contains the name of the identity provider to automatically use.
For more information see the `Identity Brokering` section in {{book.adminguide.link}}[{{book.adminguide.name}}].
For more information see the `Identity Brokering` section in {{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}].