[keycloak-user] Generated token too large for usage as authorization bearer header value

Rob Parker parky128 at googlemail.com
Mon Oct 16 05:47:11 EDT 2017


I am finding the size of the token returned from Keycloak is too large to
use as a bearer Authorization header when making subsequent API requests
from my application via our Node.js Express server.

This happens after I add many roles to the user account I am using. When
removing enough roles, eventually the size of the header is allowed
through.

Is it possible to not include user roles in the token issued to a user when
authenticating?

I could then retrieve the user's roles after logging in to our application
through some other means, e.g. userinfo endpoint?

Thanks

