Skip to main content Skip to complementary content

Obtaining a JWT from Keycloak

Procedure

  1. Start Keycloak. For more information on installing and starting Keycloak, see the Keycloak Getting started documentation.
  2. In the Keycloak Admin Console, create a new Realm MyDemoRealm in the Realm settings.
  3. In the Realm MyDemoRealm, create a new client, for example:
    • Client ID: Demo
    • Home URL: http://localhost:8080/realms/MyDemoRealm/Demo/
    • Client authentication is turned on.
    In the Client details page of the new client, you can get the Client Secret in the Credentials tab.
    The URL http://localhost:8080/realms/MyDemoRealm/protocol/openid-connect/certs is accessible. It will return the information of the keys.
  4. Send a POST request using Postman to the URL http://localhost:8080/realms/MyDemoRealm/protocol/openid-connect/token with the client_id, client_secret values obtained from the Client details page and grant_type set to client_authentication.
    The response from this POST request will be the access token and its properties. This access token will be used to send a request to the JWT validation enabled REST services.
  5. Open the https://jwt.io/ website and copy the access token you got from http://localhost:8080/realms/MyDemoRealm/protocol/openid-connect/token into the Encoded text box.
    You can see the Audience value "aud": "account" in the Decoded view.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here