Red Hat Integration - Service Registry

Testing Secure Service Registry API


Last updated 2 years ago

OAuth 2.0 has a bunch of grant types for different use cases. OpenID Connect and OAuth 2.0 provide the following 4 major kinds of grant types, which can be used with Red Hat SSO (Keycloak). When you configure a client, Keycloak provides an option for enabling each of these grant types, as shown in the following table:

| Grant Type | Keycloak Option |
|---|---|
| Authorization Code | Standard Flow Enabled |
| Client Credentials | Service Accounts Enabled |
| Resource Owner Password Credentials | Direct Access Grants Enabled |
| Implicit | Implicit Flow Enabled |

To test a Service Registry API secured by Red Hat SSO, the client must authenticate to Red Hat SSO (in the case of OAuth) or to Service Registry (in the case of Basic Auth).

This section shows you how to call the Service Registry API secured with OAuth (Client Credentials grant type; see "create client with Client Credentials Grant Type") and with Basic Auth using Postman. The only thing you need to do in addition to calling an unsecured API is configure the Authorization tab.

Call API secured with Basic Authentication

To call Service Registry APIs secured with Basic Authentication, configure the Authorization tab as follows:

  • Type: Basic Auth

  • Username: Client ID in Red Hat SSO

  • Password: Client secret

Call API secured with OAuth (Client Credentials Grant Type)

To call Service Registry APIs secured with OAuth, configure the Authorization tab as follows:

  • Type: OAuth 2.0

  • Grant Type: Client Credentials

  • Access Token URL: Keycloak access token URL in this format: https://<KEYCLOAK_HOST>/auth/realms/<REALM>/protocol/openid-connect/token. For example, for a realm named registry: https://keycloak.example.com/auth/realms/registry/protocol/openid-connect/token

  • Client ID: Client ID in Red Hat SSO

  • Client Secret: Client secret
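
The two Authorization tab configurations above, written out as the HTTP requests they correspond to. This is an added example, not part of the original guide; the registry host, the API path and all credential values are assumed placeholders, and the client secret is sent to the token endpoint in a Basic header, which is one of the client authentication methods Keycloak accepts.

```python
import base64
import json
import urllib.parse
import urllib.request

# Assumed placeholder endpoints; replace with the values from your own deployment.
TOKEN_URL = "https://keycloak.example.com/auth/realms/registry/protocol/openid-connect/token"
REGISTRY_URL = "https://registry.example.com/apis/registry/v2/search/artifacts"

def _require_https(url):
    # Both flows put a client secret or a bearer token on the wire: refuse plain HTTP.
    if urllib.parse.urlsplit(url).scheme != "https":
        raise ValueError("refusing to send credentials over non-HTTPS URL: " + url)

def basic_header(client_id, client_secret):
    # RFC 7617: base64("id:secret"). This is an encoding, not encryption.
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def basic_auth_request(api_url, client_id, client_secret):
    """Registry call with Basic Auth: the client secret travels on every request."""
    _require_https(api_url)
    return urllib.request.Request(
        api_url, headers={"Authorization": basic_header(client_id, client_secret)})

def token_request(token_url, client_id, client_secret):
    """Client Credentials grant: POST to the Keycloak access token URL."""
    _require_https(token_url)
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode("ascii")
    return urllib.request.Request(
        token_url, data=body, method="POST",
        headers={"Authorization": basic_header(client_id, client_secret),
                 "Content-Type": "application/x-www-form-urlencoded"})

def bearer_request(api_url, token_response_body):
    """Registry call carrying the access_token from Keycloak's JSON token response."""
    _require_https(api_url)
    token = json.loads(token_response_body)["access_token"]
    return urllib.request.Request(api_url, headers={"Authorization": "Bearer " + token})

def call_with_oauth(token_url, api_url, client_id, client_secret):
    # Two network round trips; needs a reachable Keycloak and Service Registry.
    with urllib.request.urlopen(token_request(token_url, client_id, client_secret)) as r:
        req = bearer_request(api_url, r.read())
    with urllib.request.urlopen(req) as r:
        return r.status, r.read()
```

With OAuth the client secret goes only to Red Hat SSO and the registry sees a short-lived token, whereas with Basic Auth the secret itself accompanies every registry request.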
