Mandatory bearer token authentication for any realm-restapi-extension SPI? #48564
hito-dono
started this conversation in
API guidelines
Replies: 1 comment
-
|
@pedroigor Can you provide any context or additional details for that change? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
With initial support for SCIM feature, authentication with bearer token was added to RealmsResource
https://github.com/keycloak/keycloak/pull/45978/files#diff-0dad2d1dcdea8876514ac55c44b6679ffe9c3ba4c626450870cacea1944ee50aR284
We have a custom extension implementing RealmResourceProvider for our internal services integration, extension always checked Basic authorization via client_credentials.
Now we struggle with upgrading our custom Keycloak image to latest version, integration with internal services needs to support bearer token authentication.
We acknowledged that SPI is internal and changes there are not explicitly documented.
Is that intended behavior for RealmsResource?
I assume that bearer token authentication was added only for ScimResource extention in that PR.
Why bearer token authentication added on RealmsResource level, but not ScimRealmResourceFactory?
Beta Was this translation helpful? Give feedback.
All reactions