For those who get this in postman (minute 30:34) { "error": "invalid_grant", "error_description": "Account is not fully set up" } What worked for me was: setting the email, firstname and lastname for the user.
Dear alibou, I wanted to take a moment to say thank you for your amazing tutorial video on TH-cam about Keycloak and its implementation in Spring Boot. Your video was incredibly helpful and easy to understand. I really appreciate how you explained the concepts of Keycloak and showed how it can be integrated with Spring Boot. Your explanations were clear and straightforward, making it easy for me to follow along. If possible, it would be great if you could create a video tutorial specifically focusing on the authentication flow. This would greatly enhance our understanding of the topic. Additionally, I would love to see a video tutorial on debugging in IntelliJ IDEA. As a beginner developer, learning effective debugging techniques is crucial, and I believe your guidance would be highly beneficial. Thank you once again for creating such valuable educational content. Your videos have significantly improved my understanding of Keycloak and Spring Boot, and I eagerly look forward to watching more of your tutorials in the future. Best regards, ArefSa
Dear Alibou, I want to express my gratitude for you taking time to create a so detailed and rich explanation on how to integrate KeyCloak in Java Spring Boot. Many thanks!
I'm a Java fresher, and this time I want to work on a personal project involving Spring Security combined with JWT and OAuth2. I have watched many of your tutorial videos, and I must say they have been extremely helpful to me. Thank you for all the knowledge you have provided.
Excelent job bro, you help me a lot. A tip if you do not want to fill all the information about the user you should disable some stuffs on configuration.
Thanks, bro. This is probably the best video on the subject that I've come across recently. You're good at explaining things. I'd like to see another video on how to perform user registration through REST API and Keycloak. PS and, yeah, it would be great to watch a good video about OAuth and Spring Security REST API. I know you had something similar, but without the REST API."
I finally watched a video that really helped me! Thank you for that! I would like to know how to make it possible to use Keycloak in both the back-end (Java + Spring) and the front-end with React.👏👏👏👏
at 30:45 if any one facing the following error ``` { "error": "unauthorized_client", "error_description": "Invalid client or Invalid client credentials" } ``` also include client_secret as a parameter, the value can be find in your realm -> clients -> credentials -> Client Secret.
Thank you very much for this video. I was searching for a good tutorial for a long time, but most tutorials just throw some random code and config in your face, without any explanation. Mostly this does not really work and you have got no change to understand what you are doing and what is going wrong. This one is very different and I got a better understanding what is happening and I have got the feeling to start over by myself.
With quarkus you don't need to write this bunch of classes and settings, just use a single @ROLES notation. Spring still has a lot to evolve compared to other frameworks. Actually what saved Spring was the Graal VM
Very nice explanation We need custom temple with keycloak for login and try to use front end as a react and back end is an springboot Note: When we are hitting front end that should be redirect to keycloak login custom template if user validated then we need to redirect to springboot and Response send to front end Thanks in advance
Thank you very much for this guide. The JWT Authentication converter is really tough but well explained! I'm looking for now to replicate / save keycloak users into my database.
@@BoualiAli Because I have some relations between entities like "UUID carOwner" into CarEntity (eg). And I add some business informations to my logged user. Do you think it's a bad practice?
Great Video. It really helped me while migrating things over. There are some upgrades missing in your github. Let me know if I can contribute anything and make it complient as per latest spring boot version.
Those following this video, pls disable all the required actions in Configure -> Authentication -> Required actions tab. Applicable for keycloak 24.0.5.
I was going through a Udemy course, and the Keycloak screens there were too old, the new version of UI is very different. Thankfully I landed on this video. It helped me a lot. Thanks.
well explained video ❤ Could you please make a video where we are implementing social login and own jwt authentication in a single spring boot application.
@@BoualiAli Thank you and I also requested you to make a video where linkedin and twitter is act as a social media platform for oauth2 login instead of google and github with spring boot
If anyone using the latest version of keycloak while setting up the user make sure you are providing the firstame, lastname and email as well cause the existing version ends up throwing invalid grant type issue when accessing token endpoint. Also use lombok 1.18.30 when using JDK 21.
Now you did this all in one single spring app. How could i put all these settings into a seperate spring boot project and use it in multiple other spring boot projects to have a real microservice structure?
thank you for the content. can you demonstrate how to automatically refresh the token once expired without having the user to login again (when microservice1 calls microservice2 for example) ?
Hey thanks for the tutorial, I am new to this so have a few questions.. 1. Instead of appending Role in code can't we just do it in keycloak itself. 2. Can we use some kind of pattern matching like antmatcher and assign roles for endpoints instead of using preauthorize on each endpoint?.. it might become repetitive as endpoints increase to double digits.
Happy you liked it! 1- yes it is possible but you need to configure your spring app to remove the prefix (ROLE_) 2- yes you can do that, check the roles and permissions video and you will have a clearer picture how to implement it
Thank you for this awesome content. Pls can you make a video for multiple implementation of UserDetaisService, so that the system can use multiple table for authenticating user depending on the Login endpoint. Thank you
Happy you liked it The question that you really need to ask: why you have such system design? I guess you need to review you database design and group all the users in one table. Please provide more details and I will try to answer and assist you
Congratulations, I wanted to use Keycloak to help me implement the project, I followed your steps and it's working, very good, now the question I have left is how I can validate the expiration of the jwt token, any ideas.
I love your videos, this was really helpful to understand keycloak, but i would love to see if its possible to make a controller that gets the user credentials and with those credentials to make the request to the keycloak for the authentication if you have any tip on this it would be helful. Thanks again for the hard work !
Happy you liked it. if you need such functionality, you just need to invoke the same endpoint I used in postman and pass the required body with the correct values and you will get the token
@@BoualiAli I tried that way and managed to make it work now i skipped the "/authentication" url so it can be accessed without Authorization header. And when i make a new request i pass the new token that i got from authentication to the request so Keycloak can make the check if the user is authenticated and has the right role to access the resources. Thanks again for help !
@@BoualiAlii want to implement authorization for angular, but of course angular cannot set the authorization. it should be public access. but how to granularly define which path in angular, assosiiate with which permission in keycloak, and how to actually implement this?
Those who received "invalid_grant, Account is not fully set up" error, please mention the user's firstname, lastname, and email even though they are not marked mandatory.
Hi, Thanks for the video. I would like to point out something about the role settings. Perhaps you need to make it a bit clearer that point. It seems we are defining users for the REALM. We can define Roles for a Realm as well. So any user that is defined under a particular realm can be associated with any role that is created within the same realm. For global permissions roles such as ADMIN, USER, MANAGER etc, may be handled by this realm role definition. Probably for fine-grain authorization within a client, we may need extra role definitions under a particular client such as USER(read but not write), ADMIN(data posting, updating etc).
What if we created roles in keycloak with name ROLE_ started can we escape writing our own jwtauthentication converter class so we can reduce much code ?
It is very nice and in-depth explanation. I really appreciate and learn a lot from it. However, the end of the video the converter implementation really makes Spring Security a difficult, confusing, and even if you understand in depth, super ugly framework to work with.
Hi Ali, first of all I want to thank you for this very detailed and well-explained guide, it really helped me have a clearer idea on how keycloak integration works in spring boot, but I really want to ask for help on this minor problem, i'm still getting 403 forbidden when even after adding the role
The check if the resouceId is null does not work the user can still access onsecured endpoint even when he is not authorized for this backend application
Hi there, great content! Just a quick question is it correct to say principle or principal? As I think we are referring to the request initiator which in this case would be a principal, but we refer to it as principle. Is this a typo or that's how it is supposed to be? Keep up the good work :)
@@BoualiAli For example the field principleAttribute, shouldn’t that be principalAttribute? I don’t get what are you referring to when you say principle? Just needed to clarify this :)
Hi Ali, I am developing an application using Keycloak and Spring Boot. I have implemented OTP login and Google Sign-In, but there is an issue. If a user has previously logged in with OTP and then tries to log in with Google using the same email, I get a "user already exists" error (federated identity account exists). In this case, I want the accounts to be merged. In other words, the user should be able to log in using both OTP and Google Sign-In with the same email. Could you help me with this?
Amazing video Bouali. One question: How could I register new users in frontend with keycloak using Angular with springboot? in my frontend in a login form, first I check if the credencials is ok, if it is ok, I return the token for user be able to make request, is it right? Thanks
well explained video ❤ Could you please make a video where we are implementing social login and own jwt authentication where we can give access to the github user to access the secured end point of spring boot.
Hi, thanks for the video! I have a question (maybe someone already found an answer): I tried to just create a new role ROLE_test_admin, and got 403, I guess it was because of principal, but why... What I'm trying to understand why we need to read "preferred_username" instead of "sub"?
That's very strange, but the problem is not in principal "preferred_name" or "sub". "JwtAuthenticationConverter" simply doesn't get "resource_access....roles". It only checks Arrays.asList("scope", "scp"); That's the reason... why...
Thank you for helping on this. I have a question: @28:01 why there is a need to assign client_admin role to user alebou? since the Admin has that role already. I believe this is duplicate.
Hello, Your tutorial is very good. Can you make a tutorial in which, in addition to Keycloak 21 and Spring Boot 3, Angular 16 is also integrated? There are few tutorials that integrate Keycloak, Spring Boot and Angular, and if there are, they are old because Keycloak has changed a lot in the meantime and many things are no longer the same. Thank you!
Happy you liked it I'm working on a full angular video and it will be released soon. After that I will create another one for keycloak integration with Angular too
Join the Micro Services course waiting list and get and get an exclusive EARLY-BIRD discount
aliboucoding.ck.page/d0f9317e13
For those who get this in postman (minute 30:34)
{
"error": "invalid_grant",
"error_description": "Account is not fully set up"
}
What worked for me was: setting the email, firstname and lastname for the user.
Thanks! :D
ma man ♥
thanks
Thanks man :)
Tks you so much :D
Dear alibou,
I wanted to take a moment to say thank you for your amazing tutorial video on TH-cam about Keycloak and its implementation in Spring Boot. Your video was incredibly helpful and easy to understand.
I really appreciate how you explained the concepts of Keycloak and showed how it can be integrated with Spring Boot. Your explanations were clear and straightforward, making it easy for me to follow along.
If possible, it would be great if you could create a video tutorial specifically focusing on the authentication flow. This would greatly enhance our understanding of the topic.
Additionally, I would love to see a video tutorial on debugging in IntelliJ IDEA. As a beginner developer, learning effective debugging techniques is crucial, and I believe your guidance would be highly beneficial.
Thank you once again for creating such valuable educational content. Your videos have significantly improved my understanding of Keycloak and Spring Boot, and I eagerly look forward to watching more of your tutorials in the future.
Best regards,
ArefSa
I really appreciate this comment.
Finally a tutorial that explains very well how keycloak works and its integration with springboot, thank you 🙏🏾
Glad you liked it!
Dear Alibou, I want to express my gratitude for you taking time to create a so detailed and rich explanation on how to integrate KeyCloak in Java Spring Boot.
Many thanks!
Glad it was helpful!
I'm a Java fresher, and this time I want to work on a personal project involving Spring Security combined with JWT and OAuth2. I have watched many of your tutorial videos, and I must say they have been extremely helpful to me. Thank you for all the knowledge you have provided.
Happy you liked it
Thanks for this one, yes we really need a debugging course.
Excelent job bro, you help me a lot. A tip if you do not want to fill all the information about the user you should disable some stuffs on configuration.
Very helpful. I was able to follow along except "invalid_grant" error which I saw later in the comment section. Thank you very much.
Thank you. I'm watching the second video on security in Spring boot on your channel and I'm absolutely delighted! No one has explained better yet.
I’m super happy to know that. Happy to have you here
Thanks, bro. This is probably the best video on the subject that I've come across recently. You're good at explaining things. I'd like to see another video on how to perform user registration through REST API and Keycloak.
PS and, yeah, it would be great to watch a good video about OAuth and Spring Security REST API. I know you had something similar, but without the REST API."
Glad you enjoyed it!
I will provide such content ASAP
I finally watched a video that really helped me! Thank you for that! I would like to know how to make it possible to use Keycloak in both the back-end (Java + Spring) and the front-end with React.👏👏👏👏
Happy you liked it!
I’m working on it
Thank you for the video. Your english is really understandable
You're welcome 😊
Danke!
I really appreciate that ❤️❤️
The best spring boot teacher
Happy you liked it
@@BoualiAlii agreed with him
at 30:45 if any one facing the following error
``` {
"error": "unauthorized_client",
"error_description": "Invalid client or Invalid client credentials"
}
```
also include client_secret as a parameter, the value can be find in your realm -> clients -> credentials -> Client Secret.
Thank you very much for this video. I was searching for a good tutorial for a long time, but most tutorials just throw some random code and config in your face, without any explanation. Mostly this does not really work and you have got no change to understand what you are doing and what is going wrong.
This one is very different and I got a better understanding what is happening and I have got the feeling to start over by myself.
Great to hear!
With quarkus you don't need to write this bunch of classes and settings, just use a single @ROLES notation. Spring still has a lot to evolve compared to other frameworks. Actually what saved Spring was the Graal VM
Spring is always 3 years (at least) ahead of the rest of the frameworks.
For quarkus, I need to try it and the we can discuss
Spring is more mature and better documented.
I would still go with spring because my company uses it.
This is great video. U have explained everything very well.
Glad you liked it
Thanks for such great tutorial. It helps a lot to get basic understanding of keycloak
My pleasure!
The best spring boot teacher (Bouali Ali). I want to new video for Java Concurrency & Multithreading Complete Course
Happy you liked it
I will schedule such a video
Amazing video, perfectly explained, very educational.
Thank you so much for this! (a video on debug mode on IntelliJ would be great).
Great suggestion!
thanks for providing github repo.. it works like a charm
Happy you liked it!
Awaited one from you, thanks man, keep rocking 🎉❤❤
Happy you liked it
One interesting tutorial would be one for interacting with keycloak using it's API's. For example creating users, updating passwords etc...
I will cover this part in a separate video
@@BoualiAli this sounds great. Can’t wait to see that video 🙂
Thanks a lot for your video, it is easy to understand the concept through your video
Glad to hear that
Really appreciate your video, amazing tutorial. Thank you!
Glad you enjoyed it!
Thanks sir for the nice explanation video on Keyclaok it was really helpful for me.
Very nice explanation
We need custom temple with keycloak for login and try to use front end as a react and back end is an springboot
Note: When we are hitting front end that should be redirect to keycloak login custom template if user validated then we need to redirect to springboot and Response send to front end
Thanks in advance
Happy you liked it!
I will cover more topics soon
Thanks @@BoualiAli
a lot of libraries were deprecated so it was difficult changing from sb2 to 3 but your tutorial helped a lot,thanks
Happy you liked it!
Thank you very much for this guide. The JWT Authentication converter is really tough but well explained! I'm looking for now to replicate / save keycloak users into my database.
Why do you need to do that?
@@BoualiAli Because I have some relations between entities like "UUID carOwner" into CarEntity (eg). And I add some business informations to my logged user. Do you think it's a bad practice?
@@remylavergne6424 just save the user id from keycloak
please make more video about keycloak, tks for your helpful video
Sure thing!
Thanks a lot. your video is fantastic, everything was self-explanatory
Glad you liked it
thank you Ali for this amazing tutorial
My pleasure
mr and so and so forth thank you
COUPON Code: *EARLYBIRD20* => Spring Data J PA course: aliboucoding.com/p/the-full-guide-to-master-spring-boot-data-jpa
Thanks a lot Ali. It was a great tutorial as usual.👏
Happy you liked it
thanks a lot Ali! This was very informative !
Glad it was helpful!
Great tutorial👏
Glad you think so!
Great Video. It really helped me while migrating things over. There are some upgrades missing in your github. Let me know if I can contribute anything and make it complient as per latest spring boot version.
Thank you so much!! Your video is really helpful!!
Glad it was helpful!
@@BoualiAli Merci beaucoup! ;)
Nice video. But can you please make a video on how to log out user and change the session time using keycloak & spring security
Happy you liked it
I will create another video more detailed
@@BoualiAli Thanks. Eagerly waiting for it.
Great tutorial :D Thank You :D
안녕하세요
알기 쉽고 꼼꼼하게 설명해주셔서 너무 감사합니다ㅜㅠ
구독 할게요!
Happy you liked it!
excellent video, thank you for sharing!
Happy to have you
Those following this video, pls disable all the required actions in Configure -> Authentication -> Required actions tab. Applicable for keycloak 24.0.5.
Thank you!! I got an "invalid_grant" error before disabling them 😂😂
@edouardo_afangnon1783 yup was having same error.
Life saver! Thanks a lot bro
Life saver mate
Thank you bro now working, i have spent whole day due to this😂
Great video, it's really helpful that developers like you are putting hardcore efforts to share their knowledge.
Nice tutorial, can you please go more into detail with keycloak so something like logout, double registration and so an. Amazing video!
Happy you liked it!
I will schedule one soon
I was going through a Udemy course, and the Keycloak screens there were too old, the new version of UI is very different. Thankfully I landed on this video. It helped me a lot. Thanks.
Glad it was helpful!
Thanks a lot for the helpful tutorial. Would be great if you can make a tutorial for KeyCloak integration with LDAP/Active Directory.
Great suggestion!
Your explanation was amazing thanks
Happy you liked it
well explained video ❤
Could you please make a video where we are implementing social login and own jwt authentication in a single spring boot application.
Happy you liked it
I will make one soon
@@BoualiAli Thank you
and I also requested you to make a video where linkedin and twitter is act as a social media platform for oauth2 login instead of google and github with spring boot
@@souravpaul6086 I’m preparing a video for that
@@BoualiAli I am excited to learn that topic with your awesome explanation ❤️
Works like a charme. :-)
Thank you for the helpfull vdo. Please continue for user federation and store in db.
Custom User Storage Provider
Thank you, I will
great tutorial very elaborate and informative.
Happy you liked it
If anyone using the latest version of keycloak while setting up the user make sure you are providing the firstame, lastname and email as well cause the existing version ends up throwing invalid grant type issue when accessing token endpoint. Also use lombok 1.18.30 when using JDK 21.
Now you did this all in one single spring app. How could i put all these settings into a seperate spring boot project and use it in multiple other spring boot projects to have a real microservice structure?
thank you for this amazing tutorial.can you please make a video for implementation of multi tenancy with Keycloyk?
Great suggestion!
thank you for the content. can you demonstrate how to automatically refresh the token once expired without having the user to login again (when microservice1 calls microservice2 for example) ?
Hey thanks for the tutorial, I am new to this so have a few questions..
1. Instead of appending Role in code can't we just do it in keycloak itself.
2. Can we use some kind of pattern matching like antmatcher and assign roles for endpoints instead of using preauthorize on each endpoint?.. it might become repetitive as endpoints increase to double digits.
Happy you liked it!
1- yes it is possible but you need to configure your spring app to remove the prefix (ROLE_)
2- yes you can do that, check the roles and permissions video and you will have a clearer picture how to implement it
You are perfect bro!
I appreciate that!
Thank you for this awesome content.
Pls can you make a video for multiple implementation of UserDetaisService, so that the system can use multiple table for authenticating user depending on the Login endpoint. Thank you
Happy you liked it
The question that you really need to ask: why you have such system design?
I guess you need to review you database design and group all the users in one table.
Please provide more details and I will try to answer and assist you
Another great spring tutorial!
Is it possible to combine this one together with spring social login?
Thanks!
Happy you liked it
I will provide a video about that too
@@BoualiAli thanks 🙏
thanks
Thanks my friend for your lessons
My pleasure 😇
@@BoualiAli what about Spring Rest Data or maybe Spring Cloud?
@@DashaZakella1001 what about them?
@@BoualiAli can you make a video of them?
Congratulations, I wanted to use Keycloak to help me implement the project, I followed your steps and it's working, very good, now the question I have left is how I can validate the expiration of the jwt token, any ideas.
Glad it helped
I love your videos, this was really helpful to understand keycloak, but i would love to see if its possible to make a controller that gets the user credentials and with those credentials to make the request to the keycloak for the authentication if you have any tip on this it would be helful. Thanks again for the hard work !
Happy you liked it.
if you need such functionality, you just need to invoke the same endpoint I used in postman and pass the required body with the correct values and you will get the token
@@BoualiAli I tried that way and managed to make it work now i skipped the "/authentication" url so it can be accessed without Authorization header. And when i make a new request i pass the new token that i got from authentication to the request so Keycloak can make the check if the user is authenticated and has the right role to access the resources.
Thanks again for help !
Hi Alibou, may I know if you planning to continue this tutorial, like authorization part and fine grain control on permission and stuff?
Yes, I have it on my list
@@BoualiAlii want to implement authorization for angular, but of course angular cannot set the authorization. it should be public access. but how to granularly define which path in angular, assosiiate with which permission in keycloak, and how to actually implement this?
Can anyone help? Realm role 'admin' is assigned to Client Role 'client-admin'. What difference does it make?⁉
Those who received "invalid_grant, Account is not fully set up" error, please mention the user's firstname, lastname, and email even though they are not marked mandatory.
Hi, Thanks for the video. I would like to point out something about the role settings. Perhaps you need to make it a bit clearer that point. It seems we are defining users for the REALM. We can define Roles for a Realm as well. So any user that is defined under a particular realm can be associated with any role that is created within the same realm. For global permissions roles such as ADMIN, USER, MANAGER etc, may be handled by this realm role definition. Probably for fine-grain authorization within a client, we may need extra role definitions under a particular client such as USER(read but not write), ADMIN(data posting, updating etc).
Sure, I will make that clear in the next video
Great tutorial. I would like to ask about Identity Brokering and Provider
Happy you liked it!
What about them?
Thanks for replying . I need to implement custom Identity brokering in keycloack. Custom oidc. I can not find resources for thst
@@rusifbudagov246 will try to schedule it
What if we created roles in keycloak with name ROLE_ started can we escape writing our own jwtauthentication converter class so we can reduce much code ?
Yes, it is the best way and You don't need to do it manually
It is very nice and in-depth explanation. I really appreciate and learn a lot from it. However, the end of the video the converter implementation really makes Spring Security a difficult, confusing, and even if you understand in depth, super ugly framework to work with.
Is there a way to generate token without knowing that magic url? How did you know the url? Is there any documentation about this?
How would you forgo if you had to store additional user info that keycloak does not support like for example user preferred language?
Happy you liked it
I will create another video to show this details
@@BoualiAli that would be really helpful, thank you 😁
Thank you so much kindly put video about websocket chatbot spring boot thank you soooo much for you help
Wow, I just finished recording this video.
It will be published really soon
Really thank you soo much sir you are great crystal clear explanation thank you so much sir
How do l get the list of users from keycloak via api and change password via api without going to keycloak
Hello, great video tutorial, but could you explain how you can secure endpoints without using method level annotations? Thanks
Check the Spring boot roles and pernmission video and you will have you answer there
Thanks for your great tutorial, Alibou!
Although I am getting a 502 Bad Gateway and Access Denied response at 43:12. Has anyone went through this?
help when i stop keycloak server and start again all my previous configurations got reset any help?
Hi Ali, first of all I want to thank you for this very detailed and well-explained guide, it really helped me have a clearer idea on how keycloak integration works in spring boot,
but I really want to ask for help on this minor problem,
i'm still getting 403 forbidden when even after adding the role
Please follow the steps precisely and assign the roles to the user
The check if the resouceId is null does not work the user can still access onsecured endpoint even when he is not authorized for this backend application
Hello, for newer Keycloak fill e-mail, first name and last name and then access token is returned to Postman.
Creating client : capability config - authentication flow what is the use of all options can you make a clear video
I'm watching this video because I'm starting a new job as a senior software engineer and I don't know what keycloack is.
Great. Thx a lot
You are welcome!
Hi there, great content! Just a quick question is it correct to say principle or principal? As I think we are referring to the request initiator which in this case would be a principal, but we refer to it as principle. Is this a typo or that's how it is supposed to be? Keep up the good work :)
Can you please remind me which part of the video 😅
@@BoualiAli For example the field principleAttribute, shouldn’t that be principalAttribute? I don’t get what are you referring to when you say principle? Just needed to clarify this :)
Hi Ali, I am developing an application using Keycloak and Spring Boot. I have implemented OTP login and Google Sign-In, but there is an issue. If a user has previously logged in with OTP and then tries to log in with Google using the same email, I get a "user already exists" error (federated identity account exists). In this case, I want the accounts to be merged. In other words, the user should be able to log in using both OTP and Google Sign-In with the same email. Could you help me with this?
Can You upload the Realm file to be imported? I tried the sample but still 403
Thank you so much
Happy you likedit
Amazing video Bouali. One question: How could I register new users in frontend with keycloak using Angular with springboot? in my frontend in a login form, first I check if the credencials is ok, if it is ok, I return the token for user be able to make request, is it right? Thanks
How can we test this security configuration setup? Maybe you can do a tutorial on unit testing the security chain.
Good idea
well explained video ❤
Could you please make a video where we are implementing social login and own jwt authentication where we can give access to the github user to access the secured end point of spring boot.
Sid you check the oauth2 video?
Yes ali i have watched oauth2 video.Pls make a video on this topic
thank You Ali for This amazing tutorial ,can u do a vid about keycloak(24.0.1) authentifiaction(login//logout)with spring boot 3 thanks
coming next week
28:48 you must add /auth , otherwise 401
in my case)))
Hi, thanks for the video! I have a question (maybe someone already found an answer): I tried to just create a new role ROLE_test_admin, and got 403, I guess it was because of principal, but why... What I'm trying to understand why we need to read "preferred_username" instead of "sub"?
That's very strange, but the problem is not in principal "preferred_name" or "sub". "JwtAuthenticationConverter" simply doesn't get "resource_access....roles". It only checks
Arrays.asList("scope", "scp");
That's the reason... why...
@@dmitriizheleznikov2949 try using hasRole rather than hasAuthority on the method.
Thank you for helping on this. I have a question: @28:01 why there is a need to assign client_admin role to user alebou? since the Admin has that role already. I believe this is duplicate.
Hello,
Your tutorial is very good.
Can you make a tutorial in which, in addition to Keycloak 21 and Spring Boot 3, Angular 16 is also integrated?
There are few tutorials that integrate Keycloak, Spring Boot and Angular, and if there are, they are old because Keycloak has changed a lot in the meantime and many things are no longer the same.
Thank you!
Happy you liked it
I'm working on a full angular video and it will be released soon.
After that I will create another one for keycloak integration with Angular too
@@BoualiAli Thank you!
I am a fan of Angular and Spring Boot ❤
@@BoualiAli i will wait that
@@BoualiAli yes that is so awesome. Thank you.
How to create an user on keycloak with Java code ?