keycloak-client | Python client for Keycloak | Identity Management library

I'm trying to achieve the same exact thing of this user but using a client with client_credentials

I've followed this post to create my client with client credentials grant and so I can get the access token like this

but when I try to call the execute-action-email api I only get an error 401

what am I missing?

So I want to deploy a client-app (java, with spring security, if that matters) to different companies. The keycloak will obviously run on servers of my organization but the client-app as to run on the servers of the client-companies.

1. Should the keycloak-client's access type be public or confidential?
2. i.e. what is the client-secret used for? (Encryption)?
3. Is it therefore a problem if the companies admins can theoretically read the secret by decompiling the jar of the client-app I give them?

Concerning the valid redirect URIs: Idealy I would like to use grant-type: password, so the user of the company enters his credentials into the frontend of the company deployed client-app and it logs into keycloak. Potentially the client-app deployed in the company is only reacable from the company intranet.

1. What can the redirect URI be for this case?

I´m trying to implement an Angular Application with Spring Boot Restservice secured by Keycloak.

Local on my Computer everything works find. The Angular Application is bootstrapt by Keycloak (with keycloak-angular) so I have to sign in to see the application. The application sends Restcalls to Spring Boot toghether with the token. The Restservice is keycloak.bearer-only receives the token and filters using the roles in the token.

This works really well locally, but from the moment I deploy this on a server I get an 401 Error everytime I try to access my Restservice with enabled keycloak. (I´m signed in on Keycloak and have a valid token).

This is what I get on Spring Boot Debug Log:

My application works fine when served with the ng serve command or with the ng serve --prod command, but when I build it for production with the ng build --prod command and then serve it with the http-server -p 8080 -c-1 dist/ng-zero command or with the live-server --entry-file=dist/index.html command, any request has a 404 response.

I had a look at different questions and their answers here, but nothing helped. I tried the HashLocationStrategy suggestion, I tried the useHash: true one too, to no success.

The Http server starting the application: