[Apiman-user] base64 encoding of tokens

According to this: http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication... the tokens returned by keycloak are base64 encoded, but when I try to decode I get an error. $ curl -X POST http://192.168.59.103:8080/auth/realms/myrealm/protocol/openid-connect/token -H "Content-Type: application/x-www-form-urlencoded" -d "username=user1" -d 'password=secret' -d 'grant_type=password' -d 'client_id=echo' -s | jq -r '.access_token' | base64 -D Invalid character in input stream. How are the tokens supposed to be decoded? Tim