Keycloak: JWT token using curl post.

In this post, we will “how to request JWT token” for API testing or post request using postman or curl client. For configuring the basic setup like client and realm, please read this Keycloak: Realm & Client Configuration.

To see a list of all the Keycloak Endpoints for protocol “OpenID-Connect”

Well-Known

https://host:port/auth/realms/<realm>/.well-known/openid-configuration
eg: https://localhost:8081/auth/realms/master/.well-known/openid-configuration
keycloak-demo realm:
https://0.0.0.0:8445/auth/realms/keycloak-demo/.well-known/openid-configuration

Token Post Endpoint:

https://hostname:port/auth/realms/<realm>/protocol/openid-connect/token

You can send a post request with one of these supported grants types:

grant_types_supported: [
"authorization_code",
"implicit",
"refresh_token",
"password",
"client_credentials"
],

I created a shell script for making it easier to request a JWT token.

keycloak-curl.sh

akoserwal/keycloak-integrations

Usage: . ./keycloak-curl.sh hostname realm username clientid
  options:
    hostname: localhost:8081
    realm:keycloak-demo
    clientid:demo
    For verify ssl: use 'y' (otherwise it will send curl post with --insecure)

Example

./keycloak-curl.sh host:port realm username client

It will prompt for the user password.

You can use the JWT token for accessing secured resource or API endpoint sending token as an Authorization header:

curl -X GET \
  http://localhost:8000/test \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJucnZ1ZS1tcTJ3a09DaEtXUldaa1lWTko3OUpma1VxTTR0ZUFocVZIMzBJIn0.eyJqdGkiOiJhMTc2NjU5YS1iY2JkLf....'

Thank you for reading this post. If you like this post, give a Cheer!!!

Follow the Collection: Keycloak for learning more…

Happy Coding ❤