Do Keycloak Clients have a Client Secret?
KeycloakKeycloak Problem Overview
Does keycloak client id has a client secret? I tried to create a client in keycloak admin but I was not able to spot client secret.
Is it auto generated? Where can I get the secret?
Keycloak Solutions
Solution 1 - Keycloak
Your client need to have the access-type
set to confidential
, then you will have a new tab credentials
where you will see the client secret.
https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/clients/oidc/confidential.html
Solution 2 - Keycloak
Client need to have the access-type
set to confidential
and you can see the client Secret in credentials tab
Solution 3 - Keycloak
> Does keycloak client id has a client secret? I tried to create a > client in keycloak admin but I was not able to spot client secret.
First, you should know that Keycloak implements OpenID Connect, which
> is a simple identity layer on top of the OAuth 2.0 protocol.
According to the OAuth 2.0 protocol clients can be either confidential or public.
> The main difference relates to whether or not the application is able > to hold credentials (such as a client ID and secret) securely.
Regarding the confidential clients:
> Because they use a trusted backend server, confidential applications > can use grant types that require them to authenticate by specifying > their client ID and client secret when calling the Token endpoint.
Armed with this knowledge you can easily create a client that will have a client secret as follows: