<div dir="ltr">There&#39;s no such thing as a &quot;simple token&quot;. Tokens are always a signed JWT.</div><div class="gmail_extra"><br><div class="gmail_quote">On 5 February 2016 at 11:17,  <span dir="ltr">&lt;<a href="mailto:manfred.duchrow@caprica.biz" target="_blank">manfred.duchrow@caprica.biz</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  

    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <div style="font-family:-moz-fixed;font-size:14px" lang="x-unicode">
      <pre>Hi,

I am trying to retrieve an access token from a Keycloak (1.8.0.Final)
service account by
POST /auth/realms/myrealm/protocol/openid-connect/token
with grant_type=client_credentials.

The result contains a signed JWT as value of field &quot;access_token&quot; rather
than a simple token
as described in chapter 18 (Service Accounts) of the user guide.

So what I expect (need) is a response like this:

{
    &quot;access_token&quot;:&quot;2YotnFZFEjr1zCsicMWpAA&quot;,
    &quot;token_type&quot;:&quot;bearer&quot;,
    &quot;expires_in&quot;:60,
    &quot;refresh_token&quot;:&quot;tGzv3JOkF0XG5Qx2TlKWIA&quot;,
    &quot;refresh_expires_in&quot;:600,
    &quot;id_token&quot;:&quot;tGzv3JOkF0XG5Qx2TlKWIA&quot;,
    &quot;not-before-policy&quot;:0,
    &quot;session-state&quot;:&quot;234234-234234-234234&quot;
}

Is there a way to configure the account or the realm to return a simple
token
in &quot;access_token&quot; (and &quot;refresh_token&quot;) rather than a JWT?

Cheers,
  Manfred


</pre>
    </div>
  </div>

<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>