Using curl to access protected API
Learn how to access an API with Keycloak security-enabled by using the curl tool to obtain an access token.
- Create an instance of Keycloak following the indicated procedures.
- Run the microservice payment.
- Make sure you have registered a user in Keycloak and obtained the Realm credentials.
- To obtain the authentication token through curl, it is necessary to make a post in the Keycloak API informing the parameters: username, password, client_id, client_secret.
a) After obtaining the parameters
|
|
b) After executing it, you should get the result as shown in the example below.
|
|
In this example, we’ve reduced the size of the result Access Token to make it easier to see. There are some tools that allow you to view the JSON Web Token if you want to inspect the Keycloak result.
c) Get the value of the access token and mount the query to perform a GET on the protected API entering the “Authorization: Bearer” parameter in the Header.
|
|
d) The same example can be repeated to perform a POST to the protected API.
|
|