Difficulty: beginner
Estimated Time: 5 minutes

Secure an application, get redirected to the login screen, and call a secured service.

In this scenario, you will learn how to:

  • Configure a web application.
  • Log in to your application.
  • Have your application make a secure request to a secured service.

Congratulations! You have completed this scenario. Now that we have a secured service, we can learn how to secure an application that will consume this service in a secured way.

Securing an application

Step 1 of 3

Securing the app

Configure our Application

The application needs some Keycloak-specific configuration. For most Keycloak adapters, this configuration lives in the keycloak.json file:

{
    "realm": "katacoda",
    "auth-server-url": "https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth",
    "ssl-required": "external",
    "resource": "web-client"
}

  • realm : The realm to which this service belongs.
  • auth-server-url : The URL of our Keycloak instance.
  • resource : The name of the client defined in Keycloak.

Create the client in Keycloak

Manual creation

You can manually create the client in the Keycloak console. Go to the Keycloak Web Console, open the Clients screen, click Create, and enter the following values:

Click Save and you are done.

Import the client with a REST call

Just execute this script:

# Get an admin access token from the master realm (password grant, admin-cli client)
export access_token=$(curl -X POST https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth/realms/master/protocol/openid-connect/token \
  -H 'content-type: application/x-www-form-urlencoded' \
  -d 'username=admin&password=admin&grant_type=password&client_id=admin-cli' \
  | jq --raw-output '.access_token')

# Create the client in the katacoda realm from the JSON definition
curl -v -X POST https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth/admin/realms/katacoda/clients \
  -H 'content-type: application/json' \
  -H "Authorization: Bearer $access_token" \
  -d @/root/web-client.json
