How to authenticate an asynchronous task with an API protected by Keycloak?

Time:01-12

I'm analyzing the feasibility of using KeyCloak in a microservices architecture, where there are asynchronous tasks that perform actions on APIs of other services.

The authentication flow that starts with a user action, whether in a mobile or web application, using Keycloak was clear, but I didn't understand how a system can authenticate itself with another system. Does KeyCloak support this type of scenario?

For example:

Every day at 12pm it is necessary to analyze the quantity of a product and make requests to the supplier's API. How will the worker authenticate with the products API using KeyCloak?

CodePudding user response:

You use the client credentials flow to authenticate between services, i.e. for machine-to-machine communication.

One strategy is to use the authorization code flow with the users and then client credentials between services on the backend, like this:


You can read more about it with Keycloak here
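
The client credentials flow from the answer above, sketched for the scheduled worker in the question. This is an added example, not code from the original post. The host, realm, client id and secret are assumed placeholders, and the worker is assumed to be registered in Keycloak as a confidential client with service accounts enabled.

```python
import json, time
import urllib.parse, urllib.request

def http_post_form(url, form):
    """Default transport: POST a form body, return the parsed JSON reply."""
    data = urllib.parse.urlencode(form).encode()
    with urllib.request.urlopen(urllib.request.Request(url, data), timeout=10) as resp:
        return json.load(resp)

class ServiceTokenProvider:
    """Obtains and caches an access token with the client credentials grant."""

    def __init__(self, base_url, realm, client_id, client_secret,
                 post=http_post_form, clock=time.monotonic, skew=30):
        # The client secret travels to this endpoint, so refuse plain HTTP.
        if not base_url.startswith("https://"):
            raise ValueError("Keycloak base URL must use https")
        # Standard Keycloak token endpoint; older deployments add an /auth
        # prefix, which would then be part of base_url (assumption).
        self.token_url = (f"{base_url.rstrip('/')}/realms/{realm}"
                          "/protocol/openid-connect/token")
        self.form = {"grant_type": "client_credentials",
                     "client_id": client_id, "client_secret": client_secret}
        self.post, self.clock, self.skew = post, clock, skew
        self.cached, self.expires_at = None, 0.0

    def token(self):
        """Return a valid token, refreshing `skew` seconds before expiry."""
        now = self.clock()
        if self.cached is None or now >= self.expires_at - self.skew:
            reply = self.post(self.token_url, self.form)
            if not reply.get("access_token"):
                raise RuntimeError("token endpoint returned no access_token")
            self.cached = reply["access_token"]
            self.expires_at = now + int(reply.get("expires_in", 0))
        return self.cached

    def auth_header(self):
        """Header the worker attaches to each call to the protected API."""
        return {"Authorization": f"Bearer {self.token()}"}

if __name__ == "__main__":
    # Constructed stand-in for Keycloak so the example runs offline.
    fake = lambda url, form: {"access_token": "constructed-token", "expires_in": 300}
    worker = ServiceTokenProvider("https://sso.example.test", "shop",
                                  "stock-worker", "placeholder-secret", post=fake)
    print(worker.token_url, worker.auth_header())
```

In a real worker the client secret would be read from the environment or a secret store rather than written in source, and the protected API would validate the bearer token on each request.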
