Only the admin is the KC admin: https://github.com/aerogear/aerogear-unifiedpush-server/blob/1.0.x/servers/auth-server/src/main/webapp/WEB-INF/ups-realm.json#L30
Perhaps Keycloak itself could improve there a bit, that it should not ask to update the developers password, when logging into something that is not scoped/allowed for that user
|