Skip to content

Service-centric Authentication

This page describes the part of service-centric authentication using the keycloak authentication server.

Endpoints:

1. Get an administration token

This API retrieves an access token

POST: https://identity1.i3-market.eu/auth/realms/i3market/protocol/openid-connect/token

  • Content-Type: application/x-www-form-urlencoded
  • Request Body: grant_type: "client_credentials"
  • Authentication: Basic Auth (username=AdminClient, password=c3c9e734-79ae-4545-88de-5f49bd4a67fe)

Response: 

{
    "access_token": "eyJhbGciOiJ...",
    "expires_in": 300,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "not-before-policy": 1632472618,
    "scope": "custom-claims profile email"
}

2. Register a new user

POST: https://identity1.i3-market.eu/auth/admin/realms/i3market/users

  • Content-Type: application/json
  • Authorization: Bearer eyJhbGciOi...

Example of a user: 

{   
    "username": "newuser14",
    "enabled": true,
    "emailVerified": true,
    "firstName": "firstname",
    "lastName": "Utente14",
    "email": "newuser14@mail.it",
    "realmRoles": [ "consumer" ],
    "credentials": [ {"value":"password"} ]
}

3. Register a new client

POST: https://identity1.i3-market.eu/auth/admin/realms/i3market/clients

  • Content-Type: application/json
  • Authorization: Bearer eyJhbGciOi...

Example of a client: 

{
        "clientId": "new-i3market-client10",
        "name": "new-i3market-client10",
        "alwaysDisplayInConsole": false,
        "access": {
            "view": true,
            "configure": true,
            "manage": true
        },
        "attributes": {},
        "authenticationFlowBindingOverrides" : {},
        "authorizationServicesEnabled": false,
        "bearerOnly": false,
        "directAccessGrantsEnabled": true,
        "enabled": true,
        "protocol": "openid-connect",
        "description": "new client",
        "surrogateAuthRequired": false,
        "clientAuthenticatorType": "client-secret",
        "defaultRoles": [
            "manage-account",
            "view-profile"
        ],
        "redirectUris": [
            "https://oauthdebugger.com/debug"
        ],
        "webOrigins": [],
        "notBefore": 0,
        "consentRequired": false,
        "standardFlowEnabled": true,
        "implicitFlowEnabled": false,
        "serviceAccountsEnabled": false,
        "publicClient": true,
        "frontchannelLogout": false,
        "fullScopeAllowed": false,
        "nodeReRegistrationTimeout": 0,
        "defaultClientScopes": [
            "web-origins",
            "role_list",
            "profile",
            "roles",
            "email"
        ],
        "optionalClientScopes": [
            "vc:consumer",
            "vce:consumer",
            "vc:provider",
            "vce:provider",         
            "vc:consumerprovider",
            "vce:consumerprovider"
        ]
    }

Last update: 2022-04-06
Created: 2022-04-06
Back to top