[keycloak-user] Extract user roles from jwt auth token

I am using this endpoint: XXXXXXXXXX/protocol/openid-connect/token to authenticate the user. Once the user is authenticated a json(jwt) is returned from keyclock. Decoded jwt json: { "jti": "30d233b2-bba8-4f21-bc51-8c867cd5db8b", "exp": 1532326409, "nbf": 0, "iat": 1532325509, "iss": "http://localhost:8080/auth/realms/nodejs-example", "aud": "nodejs-connect", "sub": "faf3fc64-b96b-4e3f-8e86-4fc727e20d31", "typ": "Bearer", "azp": "nodejs-connect", "auth_time": 0, "session_state": "736f9570-a3c8-4180-927e-15b5e0f63764", "acr": "1", "allowed-origins": [], "resource_access": { "account": { "roles": [ "view-profile" ] } }, "name": "aaa bbb", "preferred_username": "ali123", "given_name": "aaa", "family_name": "bbb", "email": "a123(a)yahoo.com" } How can I retrieve the user roles from that JWT token? Thank you Irtiza Ali