Does keycloak have non-admin APIs for registration/login/logout/reset password, etc?
You see, we can do these using the admin api. But then the client of the api needs secrets. So we need a server layer to handle this. Then our security will be reduced to the security of the Api’s implementation. Which is contrary to the reasons for using an existing authentication and access-control tool (to not write security code).
As much as I search the web for non-admin Apis for common user activities like registration, login, etc, I cannot find them