Skip to main content

Getting access to API 2.0

Below example is for staging Keycloak and guineapig client.
Please change url and client accordingly to your needs.
 
To retrieve an authorization token for Rest calls, send a POST request to  https://keycloak.staging-adhese.org/realms/adhese-guineapig/protocol/openid-connect/token with the parameters:

  • username
  • password
  • client_id=adhese-app
  • grant_type=password

Using curl:

curl --location 'https://keycloak.staging-adhese.org/realms/adhese-guineapig/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=adhese-app' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=username' \
--data-urlencode 'password=password'

You will get back an access token:  

{
    "access_token": "<access_token>",
    "expires_in": 60,
    "refresh_expires_in": 1800,
    "refresh_token": "<refresh_token>",
    "token_type": "Bearer",
    "not-before-policy": 0,
    "session_state": "0821e5b7-4420-4f8c-9a9f-4b98afc3fb6c",
    "scope": "profile email"
}

To execute Rest requests that require authorization, add an Authorization header with value Bearer <access_token>, where <access_token> is the access_token returned by the above request and add an Use-Keycloak-Auth header with value true

curl --location 'https://guineapig.staging-adhese.org/api/users/me' \
--header 'Use-Keycloak-Auth: true' \
--header 'Authorization: Bearer <access_token>'
Back to top