OAuth 2.0 flow using Keycloak with a back-end and front-end?

I'm working on a project that consists of:

  • A back-end in Java (JEE project deployed on Wildfly)
  • Front-end developed in Angular
  • Keycloak for authorization and authentication

What I need to do is:

  1. Access my Angular app, which communicates with my backend calling its APIs(e.g GET, POST, PUT, DELETE)
  2. Go to the Login Page, authentication is done by Keycloak, so I get directed to Keycloak login page.
  3. Login is successfull ----> I get redirected to my Angular landing page, now I can navigate my Angular app.

The frontend is talking with the backend via RESTful APIs, and I need to use OAuth2.0/OPENID standard flow, which means I'm gonna first get the auth code and the the access token/refresh token to stay connected.

My backend is already configurated with Keycloak through the Wildfly adapter given on Keycloak official site, and through web.xml and keycloak.json both in WEB-INF folder.

So known that I'm able to get the auth code via the Valid Redirect URIs given by Keycloak, how can I configure my whole project to get the 3 points written above? Do I need two clients on my Realm in Keycloak?

Can someone please explain me how I can I setup the whole flow using Keycloak?

Thanks a lot!

How many English words
do you know?
Test your English vocabulary size, and measure
how many words do you know
Online Test
Powered by Examplum