[keycloak-user] keycloak.json configuration - link between resource attribute and Keycloak client

Hi, I don't understand how the < resource > attribute from the keycloak.json is bound to a client. I explain the case I face : In my WAR I have a keycloak.json which contains the value < WS > on the < resource > attribute. I've previously created a < GUI > client that allows me to generate a token and a < WS > client with a bearer-only access type that I use to secure my WARs. Everything works fine, my WARs are secured and I'm able to request the web services with the token generated with the GUI client. BUT, If I change the < resource > attribute value with a client name which doesn't exist it still works. I can set the < resource > attribute to < anyThing > or < oneTwoThree > etc and it still works even if I didn't create these clients. I was expecting an error like < the client oneTwoThree doesn't exist > or something else when I request a web service secured in a WAR with a non existing resource value in the keycloak.json file. Is it a normal behavior ? Do I misunderstood something or do I have an issue ? Regards, Marc Destefanis.