1
votes

I have created a SAML client in Keycloak. To get the access token in Postman, I have the "client-id, grant-type, username, password" in the header and hit "http://{myserver ip address}:{port}/auth/realms/master/protocol/openid-connect/token". I got the error "Client secret not provided in request". But I am unable to see the client secret in Keycloak. Note: I am able to see the client secret for admin-cli and security-console, but my client is a SAML client and I am not seeing the client secret for that.

1
You are mixing client auth protocols: OIDC and SAML. – Jan Garaj
Can't we do it like this? Is it mandatory to follow the same protocol on both ends? – Maria

1 Answer

0
votes

Under OpenID Connect, if you set your client's "Access Type" to "confidential" or "bearer-only", then a new tab becomes available called "Credentials"; there you'll see an auto-generated secret (that you can "re-generate"). When you talk to your token endpoint HOST:PORT/auth/realms/YOUR-REALM/protocol/openid-connect/token, you'll need to provide the param "client_secret" with the autogen value you just saw (on top of your password, client_id, username & grant_type). This will work for OIDC; for SAML like you show, I'm not sure if it works like OIDC, but if it does, it should be pretty similar.

Hope it helps.
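The token request described in the answer above, for a confidential OpenID Connect client, as an added example that is not part of the original answer. The base URL, the client name `my-oidc-client`, the `KC_*` environment variable names and the helper names are assumptions; the secret is the value shown on the client's "Credentials" tab.

```python
import json
import os
import urllib.parse
import urllib.request


def build_token_request(base_url, realm, client_id, client_secret, username, password):
    """Build the POST for a confidential OIDC client using the password grant.

    All parameters travel in the form-encoded body, not in HTTP headers
    and not in the URL query string (where the secret would end up in logs).
    """
    if not client_secret:
        raise ValueError("confidential clients must send client_secret")
    url = "{}/auth/realms/{}/protocol/openid-connect/token".format(
        base_url.rstrip("/"), urllib.parse.quote(realm, safe=""))
    body = urllib.parse.urlencode({
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
        "username": username,
        "password": password,
    }).encode("ascii")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def fetch_access_token(request, timeout=10):
    """Send the request and return the access_token field of the JSON reply."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.load(resp)["access_token"]


if __name__ == "__main__":
    # Constructed sample values; the secret is read from the environment
    # (hypothetical KC_* variable names) rather than being hard-coded.
    req = build_token_request(
        os.environ.get("KC_BASE_URL", "http://localhost:8080"),
        os.environ.get("KC_REALM", "master"),
        os.environ.get("KC_CLIENT_ID", "my-oidc-client"),
        os.environ.get("KC_CLIENT_SECRET", ""),
        os.environ.get("KC_USERNAME", "alice"),
        os.environ.get("KC_PASSWORD", ""),
    )
    print(fetch_access_token(req))
```

In Postman the equivalent is a POST with these five fields under Body, x-www-form-urlencoded.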