[keycloak-user] obtaining token for CLI when using identity brokering

Apologies if this was already sent/answered, by my subscription to the ML was cut without my realising it, so I think my first attempt to send was not successful. And there seems to be no archive of the ML for me to check. My scenario: 1. My keycloak realm is set up to manage users with identity brokering (e.g. they login through GitHub etc.) 2. I have public client in that realm that has REST API that requires access to be authenticated 3. I want to access that API using curl or other CLI tool so need to provide an access token. If my users were added to Keycloak directly I could get that token like this: curl --data "grant_type=password&client_id=myclientid&username=user1&password=user1" https://<server:port>/auth/realms/realmname/protocol/openid-connect/token But this will not work when using identity brokering. So I was a assuming the user could login to keycloak with a browser and then find a token there and copy it. But if I login as a user at this URL https://<server:port>/auth/realms/realmname/account I get logged in using the identity broker but I can't find a token anywhere. How do I manage this? Tim