This is an automated email from the ASF dual-hosted git repository.
monkeydluffy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 0dbffed7f docs(authz-keycloak): update token endpoint command (#10699)
0dbffed7f is described below
commit 0dbffed7fe66d0bc19458fcf822889dbe3676fff
Author: Traky Deng <trakyd...@gmail.com>
AuthorDate: Sun Dec 24 23:19:50 2023 -0800
docs(authz-keycloak): update token endpoint command (#10699)
---
docs/en/latest/plugins/authz-keycloak.md | 18 ++++++++++++------
docs/zh/latest/plugins/authz-keycloak.md | 18 ++++++++++++------
2 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/docs/en/latest/plugins/authz-keycloak.md
b/docs/en/latest/plugins/authz-keycloak.md
index 21ac21b80..2804998b4 100644
--- a/docs/en/latest/plugins/authz-keycloak.md
+++ b/docs/en/latest/plugins/authz-keycloak.md
@@ -174,18 +174,24 @@ Once you have enabled the Plugin on a Route you can use
it.
First, you have to get the JWT token from Keycloak:
```shell
-curl \
+curl
"http://<YOUR_KEYCLOAK_HOST>/realms/<YOUR_REALM>/protocol/openid-connect/token"
\
-d "client_id=<YOUR_CLIENT_ID>" \
- -d "username=<YOUR_USERNAMED>" \
+ -d "client_secret=<YOUR_CLIENT_SECRET>" \
+ -d "username=<YOUR_USERNAME>" \
-d "password=<YOUR_PASSWORD>" \
- -d "grant_type=password" \
-
"http://<YOUR_KEYCLOAK_HOST>/auth/realms/${realm}/protocol/openid-connect/token"
+ -d "grant_type=password"
```
-Now you can make requests with the obtained JWT token:
+You should see a response similar to the following:
+
+```text
+{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJoT3ludlBPY2d6Y3VWWnYtTU42bXZKMUczb0dOX2d6MFo3WFl6S2FSa1NBIn0.eyJleHAiOjE3MDMyOTAyNjAsImlhdCI6MTcwMzI4OTk2MCwianRpIjoiMjJhOGFmMzItNDM5Mi00Yzg3LThkM2UtZDkyNDVmZmNiYTNmIiwiaXNzIjoiaHR0cDovLzE5Mi4xNjguMS44Mzo4MDgwL3JlYWxtcy9xdWlja3N0YXJ0LXJlYWxtIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjAyZWZlY2VlLTBmYTgtNDg1OS1iYmIwLTgyMGZmZDdjMWRmYSIsInR5cCI6IkJlYXJlciIsImF6cCI6ImFwaXNpeC1xdWlja3N0YXJ0LWNsaWVudCIsInNlc3Npb25fc3RhdGUiOiI1YzIzZjVkZC1
[...]
+```
+
+Now you can make requests with the access token:
```shell
-curl http://127.0.0.1:9080/get -H 'Authorization: Bearer {JWT Token}'
+curl http://127.0.0.1:9080/get -H 'Authorization: Bearer ${ACCESS_TOKEN}'
```
To learn more about how you can integrate authorization policies into your API
workflows you can checkout the unit test
[authz-keycloak.t](https://github.com/apache/apisix/blob/master/t/plugin/authz-keycloak.t).
diff --git a/docs/zh/latest/plugins/authz-keycloak.md
b/docs/zh/latest/plugins/authz-keycloak.md
index 18979ad48..621aab46e 100644
--- a/docs/zh/latest/plugins/authz-keycloak.md
+++ b/docs/zh/latest/plugins/authz-keycloak.md
@@ -159,18 +159,24 @@ curl http://127.0.0.1:9180/apisix/admin/routes/1 \
首先需要从 Keycloak 获取 JWT 令牌:
```shell
-curl \
+curl
"http://<YOUR_KEYCLOAK_HOST>/realms/<YOUR_REALM>/protocol/openid-connect/token"
\
-d "client_id=<YOUR_CLIENT_ID>" \
- -d "username=<YOUR_USERNAMED>" \
+ -d "client_secret=<YOUR_CLIENT_SECRET>" \
+ -d "username=<YOUR_USERNAME>" \
-d "password=<YOUR_PASSWORD>" \
- -d "grant_type=password"
"http://<YOUR_KEYCLOAK_HOST>/auth/realms/${realm}/protocol/openid-connect/token"
+ -d "grant_type=password"
```
-之后就可以使用获得的 JWT 令牌发起请求:
+你应该收到类似以下的响应:
+
+```text
+{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJoT3ludlBPY2d6Y3VWWnYtTU42bXZKMUczb0dOX2d6MFo3WFl6S2FSa1NBIn0.eyJleHAiOjE3MDMyOTAyNjAsImlhdCI6MTcwMzI4OTk2MCwianRpIjoiMjJhOGFmMzItNDM5Mi00Yzg3LThkM2UtZDkyNDVmZmNiYTNmIiwiaXNzIjoiaHR0cDovLzE5Mi4xNjguMS44Mzo4MDgwL3JlYWxtcy9xdWlja3N0YXJ0LXJlYWxtIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjAyZWZlY2VlLTBmYTgtNDg1OS1iYmIwLTgyMGZmZDdjMWRmYSIsInR5cCI6IkJlYXJlciIsImF6cCI6ImFwaXNpeC1xdWlja3N0YXJ0LWNsaWVudCIsInNlc3Npb25fc3RhdGUiOiI1YzIzZjVkZC1
[...]
+```
+
+之后就可以使用获得的访问令牌发起请求:
```shell
-curl http://127.0.0.1:9080/get \
--H 'Authorization: Bearer {JWT Token}'
+curl http://127.0.0.1:9080/get -H 'Authorization: Bearer ${ACCESS_TOKEN}'
```
## 删除插件
