AuthorizationΒΆ
Keycloak client provides a method called validate_rpt, using which you can introspect and validate the incoming request. This method can be employed as a authorization middleware within your application.
The following snippet is an example written in Flask framework
1 2 3 4 5 6 | @app.route('/introspect-rpt', methods=['POST'])
def introspect_rpt():
""" Endpoint to introspect/validate authorization tokens """
rpt = request.json.get('rpt')
result = keycloak_client.validate_rpt(rpt)
return jsonify(result)
|