diff --git a/auth_jwt_demo/controllers/main.py b/auth_jwt_demo/controllers/main.py
index ae680ac791..9d1a9bf9c2 100644
--- a/auth_jwt_demo/controllers/main.py
+++ b/auth_jwt_demo/controllers/main.py
@@ -43,3 +43,27 @@ def whoami_keycloak(self):
partner = request.env["res.partner"].browse(request.jwt_partner_id)
data.update(name=partner.name, email=partner.email)
return Response(json.dumps(data), content_type="application/json", status=200)
+
+ @route(
+ "/auth_jwt_demo/keycloak/whoami-public-or-jwt",
+ type="http",
+ auth="public_or_jwt_demo_keycloak",
+ csrf=False,
+ cors="*",
+ save_session=False,
+ methods=["GET", "OPTIONS"],
+ )
+ def whoami_public_or_keycloak(self):
+ """To use with the demo_keycloak validator.
+
+ You can play with this using the browser app in tests/spa and the
+ identity provider in tests/keycloak.
+ """
+ data = {}
+ if hasattr(request, "jwt_partner_id") and request.jwt_partner_id:
+ partner = request.env["res.partner"].browse(request.jwt_partner_id)
+ data.update(name=partner.name, email=partner.email)
+ else:
+ # public
+ data.update(name="Anonymous")
+ return Response(json.dumps(data), content_type="application/json", status=200)
diff --git a/auth_jwt_demo/tests/spa/index.html b/auth_jwt_demo/tests/spa/index.html
index f06aca7847..9e74fbc6b5 100644
--- a/auth_jwt_demo/tests/spa/index.html
+++ b/auth_jwt_demo/tests/spa/index.html
@@ -11,13 +11,17 @@ SPA OIDC Authentication Sample
+