Do Keycloak Clients have a Client Secret?

Does keycloak client id has a client secret? I tried to create a client in keycloak admin but I was not able to spot client secret.

Is it auto generated? Where can I get the secret?

Your client need to have the access-type set to confidential , then you will have a new tab credentials where you will see the client secret.
https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/clients/oidc/confidential.html

Client need to have the access-type set to confidential and you can see the client Secret in credentials tab

> Does keycloak client id has a client secret? I tried to create a > client in keycloak admin but I was not able to spot client secret.

First, you should know that Keycloak implements OpenID Connect, which

> is a simple identity layer on top of the OAuth 2.0 protocol.

According to the OAuth 2.0 protocol clients can be either confidential or public.

> The main difference relates to whether or not the application is able > to hold credentials (such as a client ID and secret) securely.

Regarding the confidential clients:

> Because they use a trusted backend server, confidential applications > can use grant types that require them to authenticate by specifying > their client ID and client secret when calling the Token endpoint.

Armed with this knowledge you can easily create a client that will have a client secret as follows:

1. Create a client with "Access Type" set to confidential:
2. Click the Save button;
3. Afterwards a new tab named "Credentials" will show up :
4. And there you can see the client secret: