I am using keycloak 3.4.1.Final (deployed by docker). diving into the issue, here are the logs: WARN [org.keycloak.connections.httpclient.DefaultHttpClientFactory] (default task-7) Truststore is disabled ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-7) Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No access token available in OAuth server response: {"id_token":"eyJ0eXAiOi..."} at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider. getFederatedIdentity(AbstractOAuth2IdentityProvider.java:279) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$ Endpoint.authResponse(AbstractOAuth2IdentityProvider.java:399) Note: with my current setup I don't have any issue with Google identity provider. Please let me know if more information needed for solving this issue, thanks. -- Sid