[keycloak-user] Is it possible to use a non Keycloak client to call a Keycloak secured Rest services?

Hi, I finally got some basic code to work. I have a WAR file that contains RestEasy services, and I updated the web.xml and added keycloak.json to secure it. I then add a application similar to customer-app-cli to my KeyCloak realm. I am able to call my Rest services from this program. However this cli program needs to use Keycloakinstalled().getTokenString() in order to get the bearer token to add to the HTTP header. Is it possible to have different non-keycloak clients, i.e. is there a way for other clients to obtain this token string to add to the header, or is this a step that is required, i.e. the client app must be registered to the Keycloak server as well. I may be missing something obvious completely... Christina