
Client Credentials Flow

Overview

The Client Credentials flow is a server-to-server authentication flow in which the client application acts on its own behalf rather than on behalf of a user.

Flow Steps

  1. Client Authentication Request

     POST http://localhost:8080/realms/myrealm/protocol/openid-connect/token
     Content-Type: application/x-www-form-urlencoded
     Authorization: Basic base64(client_id:client_secret)

     grant_type=client_credentials

  2. Token Response

     {
       "access_token": "BQDBKJ5eo5jxbtpWjVOj7ryS84khybFpP_lTqzV7uV-T_m0cTfwvdn5BnBSKPxKgEb11",
       "token_type": "Bearer",
       "expires_in": 3600
     }

Implementation Example

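// Client credentials come from the environment; the variable names are examples.
const clientId = process.env.CLIENT_ID;
const clientSecret = process.env.CLIENT_SECRET;

async function getAccessToken() {
  // HTTP Basic value: base64(client_id:client_secret)
  const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');

  const response = await fetch('http://localhost:8080/realms/myrealm/protocol/openid-connect/token', {
    method: 'POST',
    headers: {
      'Authorization': `Basic ${credentials}`,
      'Content-Type': 'application/x-www-form-urlencoded'
    },
    body: 'grant_type=client_credentials'
  });

  // Fail on a non-2xx status instead of returning the error body as if it were a token.
  if (!response.ok) {
    throw new Error(`Token request failed with HTTP ${response.status}`);
  }

  // Resolves to { access_token, token_type, expires_in }
  return response.json();
}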
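
The token response carries expires_in, so a service can reuse one token instead of sending its client secret on every call. The following is an added example, not part of the original documentation: it caches the token until shortly before expiry and shares one request between concurrent callers. The names createTokenCache, fetchImpl, now and skewSeconds are assumptions made for this example.

```javascript
// Added example: cache the client-credentials token until shortly before expiry.
const TOKEN_URL = 'http://localhost:8080/realms/myrealm/protocol/openid-connect/token';

// fetchImpl, now and skewSeconds are hypothetical options added for this example.
function createTokenCache({ clientId, clientSecret, fetchImpl = globalThis.fetch,
                            now = Date.now, skewSeconds = 30 }) {
  let cached = null;   // { token, expiresAt } of the last successful response
  let inFlight = null; // promise shared by callers while one request is pending

  async function requestToken() {
    const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
    const response = await fetchImpl(TOKEN_URL, {
      method: 'POST',
      headers: {
        'Authorization': `Basic ${credentials}`,
        'Content-Type': 'application/x-www-form-urlencoded'
      },
      body: 'grant_type=client_credentials'
    });
    // Report only the status: the response body and the secret stay out of logs.
    if (!response.ok) throw new Error(`Token endpoint returned HTTP ${response.status}`);

    const body = await response.json();
    if (typeof body.access_token !== 'string' ||
        String(body.token_type).toLowerCase() !== 'bearer') {
      throw new Error('Unexpected token response shape');
    }
    // Without a usable expires_in the token is returned but never reused.
    const lifetime = Math.max(0, (Number(body.expires_in) || 0) - skewSeconds);
    cached = { token: body.access_token, expiresAt: now() + lifetime * 1000 };
    return cached.token;
  }

  return async function getToken() {
    if (cached && now() < cached.expiresAt) return cached.token;
    // Single flight: concurrent callers wait on the same token request.
    if (!inFlight) inFlight = requestToken().finally(() => { inFlight = null; });
    return inFlight;
  };
}
```

With the 3600-second lifetime shown in the token response and the default 30-second skew, a cached token is reused for 3570 seconds before the next request is made.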