<div dir="ltr">Hi, <div><br></div><div>I noticed that when I request an access token (curl -v -H &quot;Content-type: application/x-www-form-urlencoded&quot; <a href="http://localhost:8080/auth/rest/realms/keycloak-admin/tokens/grants/access">http://localhost:8080/auth/rest/realms/keycloak-admin/tokens/grants/access</a> --data &quot;client_id=...&amp;client_secret=...&amp;username=...&amp;password=...&quot; -H &quot;Accept: application/json&quot;), the response doesn&#39;t contain a refresh token. </div>
<div><br></div><div>Is this intentional? And might it change in future versions?</div><div><br></div><div>According to <a href="http://tools.ietf.org/html/rfc6749#section-4.3">http://tools.ietf.org/html/rfc6749#section-4.3</a> (which is the spec the above method implements, right?), the refresh token in the access token response is optional.</div>
<div><br></div><div>If I&#39;m not mistaken, adding .generateRefreshToken() here: <a href="https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/services/resources/TokenService.java#L201">https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/services/resources/TokenService.java#L201</a></div>
<div>should do the trick, right?</div><div><br></div><div>Cheers,</div><div>Nils</div>







</div>