Login to Keycloak using API

执念已碎 2021-01-30 17:38

I have 2 different applications: say Application1 and Application2.

  1. I have integrated Application2 with keyc

4 Answers
  •  挽巷 (original poster)
    2021-01-30 17:50

    You are effectively asking your users to trust that Application1 will manage their keycloak credentials securely. This is not recommended because

    1. better security is achieved if the user is redirected to keycloak to enter their credentials. In an ideal world no client application should be handling or have access to user credentials.
    2. It defeats the purpose of single sign in where a user should only need to enter their credentials for the first application they need to access (provided their session has not expired)

    But if you control and can trust Application1 and need to do this due to legacy or other reasons then you can enable the Resource Owner Credentials Flow called "Direct Access" on the Keycloak Client Definition, and then POST the user's credentials as a form-urlencoded data type to

    https:///auth/realms//protocol/openid-connect/token
    

    The parameters will be

    grant_type=password
    client_id=
    client_secret=
    username=
    password=
    scope=
    

    The response will be a valid JWT object or a 4xx error if the credentials are invalid.
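
The token request described in the answer above, as an added Python example that is not part of the original post and not Keycloak's own code. The host `keycloak.example.test`, the realm, client and user values are constructed placeholders, and the helper names are hypothetical; the response handling assumes the standard OAuth 2.0 JSON body with an `access_token` field.

```python
import json
import urllib.error
import urllib.parse
import urllib.request


def build_token_request(base_url, realm, client_id, client_secret,
                        username, password, scope):
    """Build the POST for the token endpoint described in the answer."""
    parts = urllib.parse.urlsplit(base_url)
    if parts.scheme != "https" or not parts.netloc:
        # The user's password travels in this request; never send it in clear.
        raise ValueError("token endpoint must be an https:// URL")
    url = "{}/auth/realms/{}/protocol/openid-connect/token".format(
        base_url.rstrip("/"), urllib.parse.quote(realm, safe=""))
    # Credentials go in the body, not the query string: URLs end up in logs.
    body = urllib.parse.urlencode({
        "grant_type": "password", "scope": scope,
        "client_id": client_id, "client_secret": client_secret,
        "username": username, "password": password,
    }).encode("ascii")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def parse_token_response(status, raw_body):
    """Return the token fields on 200; raise PermissionError on 4xx."""
    try:
        payload = json.loads(raw_body)
    except ValueError:
        payload = None
    if not isinstance(payload, dict):
        payload = {}
    if 400 <= status < 500:
        # OAuth 2.0 error bodies carry "error"; do not echo the request back.
        raise PermissionError(payload.get("error", "request rejected"))
    if status != 200 or "access_token" not in payload:
        raise RuntimeError("unexpected token endpoint response")
    return payload


def login(request):
    """Send the request and parse the result (needs a reachable server)."""
    try:
        with urllib.request.urlopen(request, timeout=10) as resp:
            return parse_token_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return parse_token_response(err.code, err.read())
```

`login()` is the only function that touches the network; the other two can be exercised offline to confirm what Application1 would put on the wire.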
