Authentication
This documentation describes how to authenticate your application with Keycloak to obtain an access token, which is required to consume the APIs of our systems.
๐ Access Informationโ
During the integration setup, the technical team will provide the following credentials:
- Keycloak Host
- Realm
- Client ID
- Client Secret
Available Environmentsโ
๐ง Stage/RCโ
The staging environment is available with separate realms for each region:
| Region | Realm | Host (Stage/RC) |
|---|---|---|
| Europe | stage1-eu | https://keycloak.stag.bolttechbroker.net |
| Asia | stage1-as | https://keycloak.stag.bolttechbroker.net |
| RC Europe | rc-eu | https://keycloak.stag.bolttechbroker.net |
| RC Asia | rc-as | https://keycloak.stag.bolttechbroker.net |
๐ Productionโ
| Region | Realm | Host (Production) |
|---|---|---|
| Europe | ||
| Asia |
๐งพ How to Obtain the Tokenโ
To authenticate and get an access token, send a POST request to the Keycloak token endpoint:
Endpointโ
POST {host}/realms/{realm}/protocol/openid-connect/token
Headersโ
Content-Type: application/x-www-form-urlencoded
Request Body (application/x-www-form-urlencoded)โ
client_id={CLIENT_ID}
client_secret={CLIENT_SECRET}
grant_type=client_credentials
scope=openid
Request Example (cURL)โ
curl -X POST https://keycloak-stage.example.com/realms/stage-eu/protocol/openid-connect/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=my-client" \
-d "client_secret=my-client-secret" \
-d "grant_type=client_credentials" \
-d "scope=openid"
๐ฆ Expected Responseโ
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_in": 300,
"token_type": "Bearer",
"scope": "openid"
}
- access_token: Access token to be used in API calls.
- expires_in: Time (in seconds) until the token expires.
- token_type: Token type (always Bearer).
- scope: Token scopes, if applicable.
๐ How to Use the Token with APIsโ
After obtaining the access_token, include it in the Authorization header of your API requests.
API Request Example with Tokenโ
GET /api/example HTTP/1.1
Host: api.example.com
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
โ Importantโ
- The token expires after a set time. You must request a new one after expiration.
- The stage/RC environment is for testing and staging only.
- Keep the provided credentials secure and do not expose them in public clients (e.g., browsers or mobile apps).
For technical support, please contact the integration team.