通过Keycloak中的refresh_token刷新access_token [英] Refresh access_token via refresh_token in Keycloak
问题描述
如果用户的access_token
过期并且用户希望继续登录,则需要使用户继续在系统中登录.
I need to make the user keep login in the system if the user's access_token
get expired and user want to keep login. How can I get newly updated access_token
with the use of refresh_token
on Keycloak?
我正在将 vertx-auth 用于与 vert.x 上的https://www.keycloak.org"rel =" noreferrer>密钥斗篷.是否可以使用 vertx-auth 或
I am using vertx-auth for the auth implementation with Keycloak on vert.x. Is it possible to refresh access_token
with vertx-auth or Keycloak's REST API itself? Or what will be another implementation of this?
推荐答案
keycloak具有用于使用refresh_token
创建access_token
的REST API.这是一个POST endpoint with application/x-www-form-urlencoded
keycloak has REST API for creating an access_token
using refresh_token
. It is a POST endpoint with application/x-www-form-urlencoded
这是它的外观:
Method: POST
URL: https://keycloak.example.com/auth/realms/myrealm/protocol/openid-connect/token
Body type: x-www-form-urlencoded
Form fields:
client_id : <my-client-name>
grant_type : refresh_token
refresh_token: <my-refresh-token>
这将使用刷新令牌为您提供新的访问令牌.
This will give you new access token using refresh token.
注意::如果您的刷新令牌已过期,则会引发400个异常,您可以再次使用户登录.
NOTE: if your refresh token is expired it will throw 400 exception in that you can make user login again.
在Postman中查看示例,您可以使用它开发相应的API.
Check out a sample in Postman, you can develop and corresponding API using this.
这篇关于通过Keycloak中的refresh_token刷新access_token的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!