I'm using Keycloak and SpringBoot API. My goal is to be able to use the keycloak Admin REST API with a token that is generated only one time. I have enabled the service account, but the token expires after few seconds. What can i do to generate a token that NEVER expire ? (like on Openshift service account)
If it not possible, how can i connect my springboot service to the Keycloak instance ? Do i need to generate each time, before each request a token ??
curl --location --request POST 'http://localhost:8081/auth/realms/api/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=admin-cli' \
--data-urlencode 'client_secret=f8111a95-67dd-412e-9e04-cf044f0e0286'
Thanks for any information
You could implement a little helper component that provides the token centrally, refreshing it automatically behind the scenes (if necessary). The response from Keycloak includes an expires_in property which holds the token expiry in seconds, and the token itself carries expiry information in the standard exp claim.