Hi,
Due to the nature of our set of applications that are authenticated against KeyCloak, we have a requirement to access KeyCloak APIs outside of SSO session(s). So the questions are:
1. Seems that all admin APIs are authenticated with the provided access_token (Bearer). Are there any other authentication mechanisms?
2. If not, is there a way for us to get the access_token without going through the browser based login flow? (like a single token provider API which doesn't expect an authorization_code)