Hi all, <div><br></div><div>I must admit that OAuth sometimes appears a little complex for me and I have a use that I&#39;d like to submit in order to collect opinion and/or best practice.</div><div><br></div><div>My application components are :</div><div>- a keycloak server configured.</div><div>- a REST API (/api) protected using WAR adapter</div><div>- a Angular GUI client of this REST API using JS Adapter</div><div>- another REST API (/tools)</div><div><br></div><div>The /tools API is accessed by the Angular GUI but is also a client of the REST API (/api) </div><div><br></div><div>The /tools application have a rest-api-client.jar embedded that support Credentials Client Grant to ensure OAuth authentication in order to access the /api REST interface. </div><div><br></div><div>What I expected to do was to allow the Angular JS to propagate its authentication in order to allow the /tools application to access /api authenticated also. </div><div><br></div><div>I&#39;m facing the problem on how to propagate the JS Adapter authentication to the /tools application to allow it to use in the rest client ?</div><div><br></div><div>I did not mention that the /tools application is a background task manager that could run a long time away after tool job submission...</div><div><br></div><div>I&#39;m pretty lost in all the OAuth grant scenari and any suggestion should be highly appreciated.</div><div><br></div><div>Thanks in advance, Jérôme.</div>