Get access token in Keycloak using the grant type Resource Owner Password Credentials of OAuth 2.0

When working with applications that use Keycloak for authentication, which the front-end calls to the back-end using APIs, we will often need to test APIs with access tokens, because this time the back-end will also need to use Keycloak for authentication. To do this, we will need to have the client’s access token and pass them into the request’s header to the API. In this tutorial, I will show you how to get access token in Keycloak using grant type Resource Owner Password Credentials of OAuth 2.0!

Assume, I have a client and a user declared in Keycloak as follows:

Get access token in Keycloak using the grant type Resource Owner Password Credentials of OAuth 2.0

and:

Get access token in Keycloak using the grant type Resource Owner Password Credentials of OAuth 2.0

Make sure our client has TURN ON Direct Access Grants Enabled!

To get access token for this client, we will use a RESTful API of Keycloak with the POST method as follows:

with host, port is the information of the Keycloak server, realm is the realm that this client belongs to.

In the body of this request, you need to pass more information including client_id, username, password, and grant_type=password.

In my example, I will request the following URL:

In the body, the client_id will be angular-test, the username is huongdanjava, the password of the huongdanjava user and grant_type=password.

Detail request using Postman will be as follows:

Get access token in Keycloak using the grant type Resource Owner Password Credentials of OAuth 2.0

The result will look like this:

Get access token in Keycloak using the grant type Resource Owner Password Credentials of OAuth 2.0

Now, you can copy and pass the access token into the request to the backend API for testing!

Chia sẽ bài viết này ...Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin

Add Comment