diff --git a/securing_apps/topics/oidc/javascript-adapter.adoc b/securing_apps/topics/oidc/javascript-adapter.adoc index bd799ff387..84da586906 100644 --- a/securing_apps/topics/oidc/javascript-adapter.adoc +++ b/securing_apps/topics/oidc/javascript-adapter.adoc @@ -1,17 +1,14 @@ [[_javascript_adapter]] === Javascript Adapter -{{book.project.name}} comes with a client-side JavaScript library that can be used to secure HTML5/JavaScript applications. The JavaScript adapter has built-in -support for Cordova applications. +{{book.project.name}} comes with a client-side JavaScript library that can be used to secure HTML5/JavaScript applications. The JavaScript adapter has built-in support for Cordova applications. The library can be retrieved directly from the {{book.project.name}} server at `/auth/js/keycloak.js` and is also distributed as a ZIP archive. -It's recommended to load the JavaScript adapter directly from the ${book.project.name}} server as it will automatically be updated when you -upgrade the server. If you copy the adapter to your web application instead make sure you upgrade it after you have upgraded the server. +A best practice is to load the JavaScript adapter directly from {{book.project.name}} Server as it will automatically be updated when you upgrade the server. If you copy the adapter to your web application instead, make sure you upgrade the adapter only after you have upgraded the server. One important thing to note about using client-side applications is that the client has to be a public client as there is no secure way to store client -credentials in a client-side application. This makes it very important to make sure the redirect URIs you have configured for the client are correct and as -specific as possible. +credentials in a client-side application. This makes it very important to make sure the redirect URIs you have configured for the client are correct and as specific as possible. To use the JavaScript adapter you must first create a client for your application in the {{book.project.name}} Administration Console. Make sure `public` is selected for `Access Type`.