Authentication and Authorization for Java Microservices with Keycloak, Quarkus and Microprofile

October 29, 2020October 29, 2020Leave a comment

In this blog post I want to point out that I created a 18 min YouTube video related to the newly created workshop Get started with security for your Java Microservices made by Harald, Niklas and me .

I focus in that video on the topics authentication and authorization for Java Microservices with Keycloak, Quarkus and Microprofile. Have fun 😉

I hope this was useful for you and let’s see what’s next?

Greetings,

Thomas

#Authorization, #Authentication, #Java, #Microprofile, #Quarkus, #Keycloak

How to create a new realm with the Keycloak REST API?

August 4, 2020December 21, 202012 Comments

In this blog post I want to show, how to create a new realm with Keycloak REST API , because later I want to automate the Keycloak realm creation for a workshop using curl in a bash script.

The reason of that blog post is, that the information in the REST API documentation wasn’t detailed enough for me. The image shows what I found first in the Keycloak REST API documentation .

In common it’s very simple to use the Keycloak REST API. For more details see in my blog post Getting started to secure a simple Java Microservice with Keycloak, MicroProfile and OpenLiberty.

First you need a bearer authorization token for an administration user and with that token you create a new realm using the realm json exported before.

Here is what I found:

… for the Authorization user for administrative tasks, I got the missing pieces in the Keycloak documentation here.
… for the submit of the realm json, I got the missing pieces as a part of the answer on StackOverflow “Unable to create Keycloak realm via the rest admin API: Unsupported Media Type“.

I used POSTMAN to check it out. These are the steps I did in POSTMAN.

Continue reading →

Getting started to secure a simple Java Microservice with Keycloak, MicroProfile and OpenLiberty

June 30, 2020August 26, 20202 Comments

The objective of this blog post is to share with you an extract of a “simple” example project on GitHub I created to get started with: How to access a Java Microservice using the Open Source Identity and Access Management with Keycloak and JavaWebToken (JWT).

‌

In that project I want to …

… secure the Microservice with Authentication
… secure a specific REST Endpoint invocation of the Microservice Authorization
… test the access to the Microservice with a JUnit test.

The Microservice runs on OpenLiberty and uses MicroProfile. The example Microservice is called Authors and is from the open sourced Cloud Native Starter project. So, you can compare the implementation of the Authors Microservice in this project with the implementation in the Cloud Native Starter project. The example doesn’t use a frontend UI for the Authentication. The JUnit test will authenticate with the Keycloak REST API.

Here is a 7 min YouTube video about the setup of the example:

Continue reading →

Thomas Suedbroecker's Blog

I want to share my experience in the cloud development area.

Tag: #Keycloak

Authentication and Authorization for Java Microservices with Keycloak, Quarkus and Microprofile

How to create a new realm with the Keycloak REST API?

Getting started to secure a simple Java Microservice with Keycloak, MicroProfile and OpenLiberty