How can we obtain an access token for the user by only knowing the username in keycloak?

Question

In my application, users can perform some tasks without login via the keycloak. After performing the task, I want to get an access token from keycloak by giving the username of the user to automatically log the user into application. Assume the user has a registered user account in keycloak too. is there a way to obtain an access token with username only?

Answer 1

In my application, users can perform some tasks without login via the keycloak.

Unless those users are authenticated via some external IDP and you have established a trust-relationship between your external IDP and Keycloak (have a look at this SO thread for potential solution for a similar question to yours) in short I would say no.

From auth0:

Access tokens are used in token-based authentication to allow an application to access an API. The application receives an access token after a user successfully authenticates and authorizes access, then passes the access token as a credential when it calls the target API.

The point is exactly that, exchanging some kind of authentication information (.e.g., username and password, or client secret) for a token that proves to your application that the user has authenticated successfully. Otherwise, someone could just enter your system as long as it had access to a username.

It sounds to me that you want to use the access token has means to pass information between Keycloak and your app, for that you have for sure better options.