Hi, I'm trying to use Spring Boot 2 OAuth2 client with Keycloak (3.4.3). It works well except users always get ROLE_USER authority even if they have other roles within the keycloak client. I've uploaded my sample project if you want to have a quick look: https://github.com/cthiebault/keycloak-spring-boot-2.0 It's quite straightforward... I had a look to https://docs.spring.io/spring-security/site/docs/5.0.3.RELEASE/reference/... to add keycloak roles to user's granted authorities but I don't know which Keycloak endpoint to use... Any help would be very appreciated :-) Cedric