I have got a fat client and a web application. The fat client uses the keycloak login in a build in browser. After that I am using the access token to get data from rest services from the web application.

Is it possible to open the web application from the fat client in a new browser and propagate the user credentials, so that the user does not have to reauthenticate?