I have a big problem here because of bearer token size.
I'm using keycloak within a SaaS application, so I need create alot of
After 30 realms created, the bearer token issued for master admin user has
more than 8kb.
It's huge for a single header, Apache limits 8kb headers by default.
With 1000 realms, the bearer token of master admin user will have 3.5mb.
It'll be impossible to use keycloak in production, it occurs because
"resource_access" property has all realms with all possible roles.
It's possible to create wildcard "*" for "resource_access" to prevent that
I've created https://issues.jboss.org/browse/KEYCLOAK-1260 . It was
causing tests failures with -Pjpa so I've temporarily disabled
backchannelSupport for SAML broker test as a workaround.
I guess it's not a blocker for CR1 release as it happens just with JPA
UserSessions and with SAML backchannel logout. Just wanted to let you know.