Question about http authentication

[meecomeback]

Hi , I deploy apicurio-registry with keycloak on Kubernetes then I turned on HTTP basic authentication and tested to get artifact detail via curl to apicurio-registry endpoint by adding header Authorization: Basic YWRtaW5AYWRtaW4uYWRtaW46YWRtaW4K (my built-in account keycloak is admin@admin.admin:admin) but seem it return 401. not sure that is the right way to do HTTP basic authentication ? please suggest me Thanks you.

[carlesarnal]

Hi @meecomeback,

Note that our basic authentication support is a bit special. You cannot use a regular user with it, a pair clientId, secret must be used and the server will do a client credential grant for you in Keycloak, see the docs.

[EricWittmann]

Carles that is true for both RHOSR and on-prem/community?

[omersiar]

Hi,

Okay, so the clientID for the OAUTH provider going to ask if the Basic Auth credentials are correct, right?
But in my case if I don't set OAUTH_TOKEN_ENDPOINT_URI, registry try to access localhost:8090
BTW OAUTH2 is working in this setup both for UI and API