Good afternoon. 
My English is not very good, so just apologize. I really liked your project Keycloak. I've had a number of questions on it, in which I ask your help. So ... 
1 How REST interface through JSApp create user with specified password. In my case I "PUT" reset-password and get a "Access to the specified resource has been forbidden", but without password is ok.
2 How to check in Stateless EJB which role belongs to a particular user, get his ID, etc. That access to users IDM from the business code.
Thank you very much.