When using a security mechanism, such as Spring Security, it’s possible that multiple security mechanisms are in place or that only parts of an application are secured via Keycloak, not a blanket path (e.g. /api/*).

What I’m trying to do is use the Spring’s authentication entrypoint to direct to Keycloak (this part work somewhat) and have the Keycloak adapter pick up from there (not working).

What’s the best way to handle this?

Thanks,
Scott