Public client with resource owner password credentials flow

timo1 · February 25, 2022, 11:23am

I would like to use a public client with resource owner password credentials. I have enabled Direct Access Grants. The flow doesn’t seem to work for me without client_secret. I’m getting the following error when requesting token with username, password, grant_type and client_id

{
    "error": "invalid_client",
    "error_description": "INVALID_CREDENTIALS: Invalid client credentials"
}

kubernetes logs telling me

08:41:16,538 WARN  [org.keycloak.events] (default task-270) type=LOGIN_ERROR, realmId=master, clientId=kong, userId=null, ipAddress=xx.xx.xx.xxx, error=invalid_client_credentials, grant_type=password

With confidential client and client secret my token requests with username, password, grant_type, client_id and client_secret are working. Is it supposed to work this way or should I change some settings when using public client?

Topic		Replies	Views
Using a public client to communicate with a confidential client Getting advice authentication	0	313	January 5, 2023
Difference between Keycloak 16.1 and 12.0.4: "Invalid client credentials" for public client while the same request works without problems for 12.0.4 Getting advice	4	14740	January 14, 2022
Unable to authenticate using nodejs client Securing applications	1	837	November 22, 2021
Client credentials grant: Rest API using client_id admin-cli Getting advice	2	1918	February 20, 2021
Requesting a token: INTERNAL_ERROR: null Configuring the server	6	1299	April 9, 2022

Public client with resource owner password credentials flow

Related topics