using JWTAuthInterceptor in Nuxeo Java Client


I finally succeeded to use Keycloak as a identity provider for my Nuxeo using the openid package. I can now connect using JWT Token generated by Keycloak and get all my user infos even groups ! Now I am trying to use Nuxeo Java Client to do the same thing. Here is my code :

NuxeoClient nuxeoClient = new NuxeoClient .Builder() .url(url) .connectTimeout(connectTimeout) .readTimeout(readTimeout) .interceptor(new JWTAuthInterceptor(token)) .authentication(new JWTAuthInterceptor(token)) .schemas(“*“) .connect();

But I am always getting errors (401 not authorized).

Did I forget something ?

I am using Nuxeo LTS 2021 / Nuxeo Java Client 3.11.0 / Keycloak 19.0.1 / JDK 11.


0 votes

1 answers



Hello Kevin Leturc , can you please help me ? Thanks.


I'm not sure the JWTAuthInterceptor is working with the Keycloak provider. The interceptor works with the JWT secret configured on Nuxeo side, see

Maybe you need to create your own interceptor for this use case, how do you succeed to authenticate with a Keycloak token, do you have a curl command example?


1 votes

Thank you Kevin Leturc for your response, you are right, openid plugin don't secure api with jwt token, it's just used to authenticate to Nuxeo. So I used the nuxeo-platform-login-keycloak project (with some modifications in code) and now it's working for me using JWTAuthInterceptor in Java Client. Regards.