Securing a React App with Keycloak | OpenID Connect
Рет қаралды 21,889
Күн бұрын
@thelazycomputer99 2 ай бұрын
Simple, to the point! thanks a lot
@AliIftikhar-ul1rw Ай бұрын
hats off to you man
@TheCloudShepherd 6 ай бұрын
Outstanding
@luigicerrato6474 9 ай бұрын
Hi, can you do a new video, there you show us how to use "usekeycloak" to access the current state and other properties in another pages? Thanks a lot it's helpful.
@EmanueleFaggio 9 ай бұрын
I follow you! how Can I use Keycloak with the component?
@hexadefence 9 ай бұрын
Thanks for the request. It is possible to make kc object available across the whole application so any component can access it.
@sherifmakalou9690 2 ай бұрын
Great job ! But how to use our own home page which redirects us towards keycloak authentication when clicking on "Login with keycloak" button for example ?
@hexadefence 2 ай бұрын
You need to change 'login-required' option to 'check-sso' option, then you have to create a function to call kc.login() on the login button click.
@pratheekbanagar4420 2 ай бұрын
Thanks for making the video, I have a requirement in my project where in I need to login from my custom login page, with spring boot being the backend connected to keycloak, The communication needs to take place with the help of Rest API. Please suggest on how can I achieve this .
@blacklight8932 5 ай бұрын
and when would you use oauth2 in this context?
@hexadefence 5 ай бұрын
Openid connect protocol works on top of the oauth 2.0.
@KnowledgePursuitNT Ай бұрын
Thanks a lot, but I have trouble with client authentication (confidential access type) when I turned it on. I can't get the token. Please help me. Thank you.
@hexadefence Ай бұрын
Making the client confidential is not necessary. React app is loaded in the user's web browser. He can inspect the source code and get the secret easily. Therefore normally web browser clients are kept public.
@ameenulhaseeb3899 Ай бұрын
@@hexadefence Then how can i possible authorization (Scope,Permission,Resource) using React?
@hexadefence Ай бұрын
Those things can be configured irrespective of the client type.
@ameenulhaseeb3899 Ай бұрын
@@hexadefence When i switch on authorization button.authentication is not working. How can resolve this?
@user-xg5mt7wz5o 7 ай бұрын
Greetings, thank you for this tutorial.I have a question regarding proper token validation on the resource server side.Can you tell me how you would implement this.Thank you in advance!
@hexadefence 7 ай бұрын
Thanks for the message. For that you need to implement an access token validator in your backend API. That validator will validate things like who issued the token, token expired or not, audience of the token, etc
@shubhambhosale5937 Ай бұрын
At 4.15 while assigning role, I am not getting the admin role, I am getting only offline_access and uma_authorization role, can you help why is it so and what should be my next steps if admin role is not present.
@hexadefence Ай бұрын
Does the user that you have used to access the keycloak console have admin role?
@user-xh1cp3fb9c 5 ай бұрын
can we use these process in react native app for authorization code flow
@somnathdevdhe5188 9 ай бұрын
Thanks for providing a detailed video. I need your help to address an issue. I have used the same code as yours. But when I run my application in the browser, first the application page is displayed and later the Keycloak login page is displayed. Do you have any idea where I am making a mistake in the code. Please help me to address the issue. Do let me know if you require any additional information from my end. Thanks in advance.
@tasbeehaakmal 2 ай бұрын
Have you resolved this issue?
@hexadefence 2 ай бұрын
@tasbeehaakmal typical flow is first the single page app is loaded and after that it redirects to the keycloak login page. Since the time between the two events are very small, application is not visible to the end user. End user feels like he was directly sent to the login screen. Are you experiencing something other than this?
@seulzarraga8506 5 ай бұрын
Great, thanks for sharing this video. I'm getting an error when I try to login with a created user. it says "We are sorry... Cookie not found. Please make sure cookies are enabled in your browser." I looked for some info about this error, but I can't get something that make it works. Have you seen it before???
@hexadefence 5 ай бұрын
Can the new user access keycloak console?
@user-jm6eh6ni3g 4 ай бұрын
Hello! Did you find a solution to this problem? I have the same situation.
@user-ol9fs8rm8f 9 ай бұрын
Hello! Where should I pass clientSecret if access is not public?
@hexadefence 9 ай бұрын
There is no advantage of using a private client since the application is running on user's web browser. So the user can inspect the code and steal your secret. That is why PKCE method is used to strengthen the security of the public clients.
@sakthivj1298 6 ай бұрын
Hi bro How to customise your login form screen in keycloak version 23
@hexadefence 6 ай бұрын
You can modify the theme.
@hamedgorji2529 10 ай бұрын
Can I have this tutorial source code?
@hexadefence 10 ай бұрын
github.com/hexadefence/keycloak-react-example
@depression_plusplus6120 8 ай бұрын
Where is this access token and refresh token stored in? ...Cookie? And why does this token gets changed each time I refresh...like in just seconds it changes...wtf
@hexadefence 7 ай бұрын
Tokens are not stored in cookies. Changing token in each refresh is the normal behavior
@uzdik.student 3 ай бұрын
1:40 How to set up access type?
@hexadefence 3 ай бұрын
You can do it from client settings section
@ductran1954 9 ай бұрын
I get some errors, I can login but can't authenticate and can't get the token. And when i try catch error , i get undefined....
@hexadefence 9 ай бұрын
Can you please post the full error you are getting
@gnanadeep3605 6 ай бұрын
same issue. i can login but cant get the token
@hexadefence 6 ай бұрын
Can you please post a detailed explanation to the issue?
@AliIftikhar-ul1rw Ай бұрын
getting the same after login it console the error of unauthorized on get token call. i did exact same step.
@anchalgupta4362 6 ай бұрын
Hi I'm facing jwt error token errors Please help me there
@hexadefence 6 ай бұрын
Are you having an error related to jwt validation?
@user-do7zv9fn8f Ай бұрын
because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'
@mokosandev07 8 ай бұрын
Hello can you make video keyclock integration with laravel , already subscribe your channel
@hexadefence 7 ай бұрын
Thanks for the request. Will produce a one in near future
@mokosandev07 7 ай бұрын
thanks @@hexadefence
@user-jx7gp7cj4b 10 ай бұрын
thanks bro, can you share your gmail or linkedin profile link
@hexadefence 10 ай бұрын
Please check the channel details section for the email
Niko Köbler (@dasniko) - Keycloak Expert
Рет қаралды 11 М.
Milan Jovanović
Рет қаралды 22 М.