Interface ClientAuthenticator

All Superinterfaces:
Provider
All Known Implementing Classes:
AbstractClientAuthenticator, ClientIdAndSecretAuthenticator, JWTClientAuthenticator, JWTClientSecretAuthenticator, X509ClientAuthenticator

public interface ClientAuthenticator extends Provider
This interface is for users that want to add custom client authenticators to an authentication flow. You must implement this interface as well as a ClientAuthenticatorFactory. This interface is for verifying client credentials from request. On the adapter side, you must also implement org.keycloak.protocol.oidc.client.authentication.ClientCredentialsProvider , which is supposed to add the client credentials to the request, which will ClientAuthenticator verify on server side
Author:
Marek Posolda
See Also:
  • Method Details

    • authenticateClient

      void authenticateClient(ClientAuthenticationFlowContext context)
      Initial call for the authenticator. This method should check the current HTTP request to determine if the request satisfies the ClientAuthenticator's requirements. If it doesn't, it should send back a challenge response by calling the ClientAuthenticationFlowContext.challenge(Response).
      Parameters:
      context -