Hi,          I would like to find the right approach for device authentication in my usecase.My project has a 3 actors - Users - Devices - Apps (think of these as ,mobile Apps) We currently use KeyCloak for user authentication (Federated LDAp/OpenID Connect) and we have a backend of micro-services that are registered as clients in KeyCloak and users/devices/mobile apps  can access those backend services via OAuth2  (JWT tokens). I would like to leverage KeyCloak for Device & Mobile App authentication , Device/App will authenticate via private/public key pair via signed JWT token. I know I can implement the mobile APP as a client in Keycloak. My question is around Devices , should I register the Device as a client or as  User in KeyCloak? Any guidance/sample project/example would be highly appreciated. regards,Sudhir | | Virus-free. www.avast.com |