Thursday, January 24, 2019

How to configure Postman to get Access Tokens (OAuth 2.0) from Keycloak

First, log in to Keycloak with the admin account you created initially.
If you are not familiar with this step, see the getting-started guide: https://www.keycloak.org/docs/latest/getting_started/index.html#creating-a-realm-and-user

You are now logged in to the Keycloak master realm as admin. Let's create a Keycloak realm first. To do that, click the upper-left corner, as in the image below. (The first time, it should list only the master realm; since I have done this before, you can see my previous realms.)



Click Add realm and give it a proper name; here I use kitcut-realm.
See the image below.



Now we need to create a client for our realm. In the next window, click Clients in the left sidebar.


Click the Create button on the right side of the window and give the client a name, say kitcut-app-client.


Now click the Save button below.
In the next window, scroll down to Access Type and select Confidential.


After that, scroll down further and enter at least one Valid Redirect URI (the field is marked with *).
Let's say our redirect is http://localhost:3000/*. Now click Save at the bottom of the page.

After that, a new tab named Credentials appears next to the Settings tab at the top.


Select Client Id and Secret from the drop-down named Client Authenticator.
Now we need to create a user to access the realm.
Click Users in the left sidebar and create a user, say admin-user.


Then click Save. In the next window, click Credentials in the top menu and set a password.
Here I will use password as the password. Click the Temporary switch to turn it off, as shown below.
(Otherwise Keycloak will prompt the user to change the password on first login.)


Then click Reset Password to set the password.
That completes the basic requirements for connecting Postman to Keycloak.

We need a few details to connect to Keycloak.

Access Token URL: http://localhost:8180/auth/realms/kitcut-realm/protocol/openid-connect/token

Note that your realm name should replace kitcut-realm in the URL above.

Username: admin-user
Password: password

Now we need the client ID and client secret.
To find them, go to Clients -> kitcut-app-client (or whatever name you gave) -> Credentials.

You will see a screen like the image below.


Your values:
Client ID: kitcut-app-client
Client Secret: 881cbb23-be8f-4f22-807c-5ec9d37f0653 (use your own from the window above)

Now open Postman and click the Authorization button.
Then click Get New Access Token in the window below.


You will see the window below.
Enter a Token Name and select Password Credentials in the Grant Type drop-down.
Enter openid as the Scope, and fill in the remaining fields with the details we collected above.


Click the Request Token button. If everything is right, you will see a window similar to the image below.


Now press the Use Token button. You have now successfully added the authorization header to the Postman request.
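To check the setup outside Postman, the script below sends the same password-grant request to the token endpoint and decodes the claims of the returned access token. It is an added example, not part of the original post; the function names are hypothetical, the client secret is a placeholder, and sending the client credentials in the form body is an assumption.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request

# Token endpoint from the walkthrough above; only the realm name varies.
TOKEN_URL = "http://localhost:8180/auth/realms/{realm}/protocol/openid-connect/token"


def build_token_request(realm, client_id, client_secret, username, password, scope="openid"):
    """Build the form-encoded POST for the Password Credentials grant."""
    form = {
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,  # assumption: credentials sent in the body
        "username": username,
        "password": password,
        "scope": scope,
    }
    url = TOKEN_URL.format(realm=urllib.parse.quote(realm, safe=""))
    return urllib.request.Request(url, data=urllib.parse.urlencode(form).encode(), method="POST")


def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def fetch_token(request):
    """Send the request; on failure, surface the error body returned by the server."""
    try:
        with urllib.request.urlopen(request, timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        raise RuntimeError(f"HTTP {err.code}: {err.read().decode(errors='replace')}") from err


if __name__ == "__main__":
    req = build_token_request("kitcut-realm", "kitcut-app-client", "<your-client-secret>",
                              "admin-user", "password")
    claims = jwt_claims(fetch_token(req)["access_token"])
    # iss should be the realm URL; exp is the expiry as a Unix timestamp.
    print(claims.get("iss"), claims.get("azp"), claims.get("exp"))
```

If the request is rejected, the raised error carries the server's response body, which usually names the field that is wrong (client secret, user credentials, or realm).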
