Doc:Howtos: Token exchange

[pgangwani]

Issue and Steps to Reproduce

I have usecase of token exchange.
May I know how can we tackle this ?

At a high level, we have 2 oidc servers where login is required only first time and then auto authorize with other. One is local keycloack and other one enterprise Forgerock.

Versions

Any

Screenshots

Expected

Need more example and ways if you are familiar with this.

Actual

Additional Details

• Installed packages:

[guillaume-chervet]

Hi @pgangwani , thank you for your issue.
I have to read token exchange documentation more in details but i'am pretty sure it is a server side protocol. Do you need to apply token exhange at server side inside you API or from client side ?

[pgangwani]

Imagine like Shell (Parent most wrapper component) which is authenticated always using keycloak id authority . However there is sub component/MFE (think like tab of the which is registered with enterprise IAM - forgerock). Now when sub-compoenent renders, it redirects to enterprise SSO, which I need to silently resolve like in your multi auth example. But only difference is authority is changing to enterprise SSO so token would not work.
Now same logistic can apply to BFF of that MFE and I expect the same solution can apply there as well. Please note I dont have surity that it is solution for library but this is for example / doc if we can achieve some combination like that for the reference.