Marcel Német

For supporting the authorisation APIs, a modified Http Interceptor is necessary. The interceptor should add authorization header to each request which goes to REST API. When Keycloak Policy enforcer returns...

I am looking into it.

I think we are talking about many issues now. Feel free to skip the _italics_ for a TL;DR version. Sending the username/pw is a separate issue. The default configuration is...

@snowping in case of method 1 (Entitlement API), the client can obtain an RPT with all permissions on the first try (if you do not specify which permissions you want,...

In previous comments, I described how I understand the documentation and flows after playing with keycloak photoz sample app. Please comment too, and try to challenge it. I will see...

I forked the repo, currently got stuck trying to import keycloak-authz (KeycloakAuthorization) from the keycloak-js module into keycloak-angular. Anybody managed to import the KeycloakAuthorization?

I managed to import it as `import * as KeycloakAuthorization from 'keycloak-js/dist/keycloak-authz'; ` Also, I think there is a bug in the line number 21 of file `keycloak-authz.d.ts`. I had...

few things changed since the issue was opened implicit flow is not recommended for single page applications in keycloak 7 (next release), there should be an implementation for Javascript adapter...

For authorization, some Http Interceptor is necessary. The interceptor should add authorization header to each request which goes to REST API. When Keycloak Policy enforcer returns unauthorized, it also returns...

One more comment: Angular as a public client should not use standard authentication flow. Instead, it should use implicit flow. In implicit flow, the client receives an access code in...