Difficulty: beginner
Estimated Time: 5 minutes

Secure a service, obtain a token and making a secure request.

In this scenario, you will learn how to:

  • Configure a NodeJS service exposing a REST endpoint to make it secure.
  • Obtain an OpenID Connect token from Keycloak.
  • Make an http request against the service using the obtained token.

Congratulations! You have completed this scenario! Now that we have a secured service, we can learn how to secure an application that will consume this service in a secured way.

Securing a service

Step 1 of 3

Securing the app

Let's secure our first service.

Configure our Service

The service needs some configuration specific to keycloak. For most Keycloak adapters, this will happen in a file named keycloak.json:

{
    "realm": "katacoda",
    "bearer-only": true,
    "auth-server-url": "https://[[HOST_SUBDOMAIN]]-8443-[[KATACODA_HOST]].environments.katacoda.com/auth",
    "ssl-required": "external",
    "resource": "service-nodejs"
  }
  • realm : The realm in which this service belongs
  • bearer-only : This is a flag to indicate that this service will not perform any redirects; it will only accept authenticated requests.
  • auth-server-url : This is the url of our Keycloak instance.

Start the service

Go to the service directory:

cd /root/service-nodejs/

Install the service:

npm install

And run it:

npm start

keycloak.json
This tab will not be visible to users and provides only information to help authors when creating content.

Creating Katacoda Scenarios

Thanks for creating Katacoda scenarios. This tab is designed to help you as an author have quick access the information you need when creating scenarios.

Here are some useful links to get you started.

Running Katacoda Workshops

If you are planning to use Katacoda for workshops, please contact [email protected] to arrange capacity.

Debugging Scenarios

Below is the response from any background scripts run or files uploaded. This stream can aid debugging scenarios.

If you still need assistance, please contact [email protected]