<div dir="ltr"><div>Hello group,</div><div><br></div><div>just found an interesting example for decoding a JWT token in the shell.</div><div>Perhaps some of you might find that handy... see below.</div><div><br></div><div>Cheers,</div><div>Thomas</div><div><br></div><div>KC_REALM=acme-test</div><div>KC_USERNAME=tester</div><div>KC_PASSWORD=test</div><div>KC_CLIENT=app1</div><div>KC_CLIENT_SECRET=aa937217-a566-49e4-b46e-97866bad8032</div><div>KC_URL=&quot;<a href="http://localhost:8081/auth">http://localhost:8081/auth</a>&quot;</div><div><br></div><div># Request Tokens for credentials</div><div>KC_RESPONSE=$( \</div><div>   curl -k -v \</div><div>        -d &quot;username=$KC_USERNAME&quot; \</div><div>        -d &quot;password=$KC_PASSWORD&quot; \</div><div>        -d &#39;grant_type=password&#39; \</div><div>        -d &quot;client_id=$KC_CLIENT&quot; \</div><div>        -d &quot;client_secret=$KC_CLIENT_SECRET&quot; \</div><div>        &quot;$KC_URL/realms/$KC_REALM/protocol/openid-connect/token&quot; \</div><div>    | jq . </div><div>)</div><div><br></div><div>KC_ACCESS_TOKEN=$(echo $KC_RESPONSE| jq -r .access_token)</div><div>KC_ID_TOKEN=$(echo $KC_RESPONSE| jq -r .id_token)</div><div>KC_REFRESH_TOKEN=$(echo $KC_RESPONSE| jq -r .refresh_token)</div><div><br></div><div># one-liner to decode access token</div><div>echo -n $KC_ACCESS_TOKEN | cut -d &quot;.&quot; -f 2 | base64 -d | jq .</div><div><br></div><div>{</div><div>  &quot;jti&quot;: &quot;c5ed8525-f0c6-433f-9a88-ef92645582dd&quot;,</div><div>  &quot;exp&quot;: 1473348085,</div><div>  &quot;nbf&quot;: 0,</div><div>  &quot;iat&quot;: 1473347785,</div><div>  &quot;iss&quot;: &quot;<a href="http://localhost:8081/auth/realms/acme-test">http://localhost:8081/auth/realms/acme-test</a>&quot;,</div><div>  &quot;aud&quot;: &quot;app1&quot;,</div><div>  &quot;sub&quot;: &quot;c88e9053-89cf-4a4b-af09-c34d91d083af&quot;,</div><div>  &quot;typ&quot;: &quot;Bearer&quot;,</div><div>  &quot;azp&quot;: &quot;app1&quot;,</div><div>  &quot;auth_time&quot;: 0,</div><div>  &quot;session_state&quot;: &quot;bfb1e6dd-b8c6-4379-bc47-e86c5396b06b&quot;,</div><div>  &quot;acr&quot;: &quot;1&quot;,</div><div>  &quot;client_session&quot;: &quot;db292d8b-263e-4030-9b93-a1d37e5ee5eb&quot;,</div><div>  &quot;allowed-origins&quot;: [],</div><div>  &quot;resource_access&quot;: {</div><div>    &quot;app-js-demo-client&quot;: {</div><div>      &quot;roles&quot;: [</div><div>        &quot;user&quot;</div><div>      ]</div><div>    },</div><div>    &quot;account&quot;: {</div><div>      &quot;roles&quot;: [</div><div>        &quot;manage-account&quot;,</div><div>        &quot;view-profile&quot;</div><div>      ]</div><div>    }</div><div>  },</div><div>  &quot;name&quot;: &quot;Theo Tester&quot;,</div><div>  &quot;preferred_username&quot;: &quot;tester&quot;,</div><div>  &quot;given_name&quot;: &quot;Theo&quot;,</div><div>  &quot;family_name&quot;: &quot;Tester&quot;,</div><div>  &quot;email&quot;: &quot;tom+tester@localhost&quot;</div><div>}</div><div><br></div></div>