Difficulty: beginner
Estimated Time: 5 minutes

Secure an application, get redirected to the login screen, and call a secured service.

In this scenario, you will learn:

  • How to configure a Web Application.
  • How to log in to your application.
  • How to have your application make a secure request to a secured service.

Congratulations, you have completed scenario! Now that we have a secured service, we can learn how to secure an application that will consume this service in a secured way.

Securing an application

Securing the app

Configure our Application

The application needs some configuration specific to Keycloak. For most Keycloak adapters this goes in a file named keycloak.json:

{
    "realm": "katacoda",
    "auth-server-url": "https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth",
    "ssl-required": "external",
    "resource": "web-client"
}

  • realm: The realm to which this service belongs.
  • auth-server-url: The URL of our Keycloak instance.
  • resource: The name of the client defined in Keycloak.
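
An added example, not part of the original scenario or of Keycloak itself: a small Python check that lints a keycloak.json for the fields described above before the application is deployed. The function name lint_adapter_config and the sample host sso.example.test are assumptions made for illustration.

```python
import json

REQUIRED = ("realm", "auth-server-url", "resource")
SSL_MODES = ("all", "external", "none")  # values the Keycloak adapters accept


def lint_adapter_config(text):
    """Return a list of findings for a keycloak.json document (empty list = clean)."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(cfg, dict):
        return ["top-level value must be a JSON object"]
    findings = []
    for key in REQUIRED:
        if not isinstance(cfg.get(key), str) or not cfg[key].strip():
            findings.append(f"missing or empty '{key}'")
    url = cfg.get("auth-server-url", "")
    if isinstance(url, str) and url:
        if "[[" in url or "]]" in url:
            # Scenario template markers that were never substituted
            findings.append("auth-server-url still contains a [[...]] placeholder")
        elif not url.lower().startswith("https://"):
            findings.append("auth-server-url is not https: traffic to Keycloak would be unencrypted")
    mode = cfg.get("ssl-required", "external")  # adapters default to "external"
    if not isinstance(mode, str) or mode.lower() not in SSL_MODES:
        findings.append(f"ssl-required has unknown value {mode!r}")
    elif mode.lower() == "none":
        findings.append("ssl-required is 'none': the adapter will accept plain HTTP")
    return findings


# Constructed sample inputs (not taken from a real deployment).
GOOD = ('{"realm": "katacoda", "auth-server-url": "https://sso.example.test/auth",'
        ' "ssl-required": "external", "resource": "web-client"}')
WEAK = ('{"realm": "katacoda", "auth-server-url": "http://sso.example.test/auth",'
        ' "ssl-required": "none"}')
TEMPLATE = ('{"realm": "katacoda", "auth-server-url": "https://[[HOST_SUBDOMAIN]]-8443-'
            '[[KATACODA_HOST]].environments.katacoda.com/auth", "resource": "web-client"}')

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("WEAK", WEAK), ("TEMPLATE", TEMPLATE)):
        print(name, lint_adapter_config(doc) or "ok")
```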

Create the client in Keycloak

Manual creation

You can manually create the client in the Keycloak console: go to the Keycloak Web Console, open the Clients screen, click Create, and enter the following values:

Click Save and you're done.

Import the client with a REST call

Just execute this script:

# Obtain an admin access token from the master realm
export access_token=$(\
    curl -X POST https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth/realms/master/protocol/openid-connect/token \
    -H 'content-type: application/x-www-form-urlencoded' \
    -d 'username=admin&password=admin&grant_type=password&client_id=admin-cli' | jq --raw-output '.access_token' \
)

# Create the client in the katacoda realm from the JSON definition
curl -v -X POST https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth/admin/realms/katacoda/clients \
    -H 'content-type: application/json' \
    -H "Authorization: Bearer $access_token" \
    -d @/root/web-client.json
