Yes, but the client to do token introspection needs to be a confidential client.

On 22 November 2016 at 14:11, venito camelas <robotirlandes(a)gmail.com> wrote:

Is it possible to have an app making token introspection requests for
tokens not issued for it? I'll try to explain:

Keycloak issues tokens to be used in a specific Resource server, the RS
then validates the token (self contained info or token introspection
endpoint). The situation is something like this:

        1                 3
   --------------- KK---------------
   |                               |
   |               2               |
Client ----------------------------- RS

1 - Client gets token to use with RS
2 - Client uses token to make a request to RS
3 - RS makes a token introspection request
Now, I want to add a router in the middle, I'd like the router to make the
token introspection request (with the token issued for the RS) and then
allow to go to the RS if everything is ok:
        1
   --------------- KK---------------
   |               |               |
   |              3|               |
   |       2       |       4       |
Client ---------Router---------- RS

1 - Client gets token to use with RS
2 - Client uses token to make a request to RS
3 - Router intercepts the request and validates token (expiration and stuff like that)
4 - If validation is ok, the router allows the request to go to the RS, the RS then validates scopes and specific stuff.

Thank you
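
Added example, not part of the original thread or of Keycloak's own code: a sketch of steps 3 and 4 in the second diagram, where the router authenticates to the introspection endpoint as a confidential client and then applies a coarse gate before forwarding to the RS. The host, realm, client id and secret are assumptions made up for illustration, and requiring `exp` to be present is a policy choice of this example.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

# Assumed values for illustration; none of them come from the thread.
INTROSPECT_URL = ("https://kk.example.test/realms/demo"
                  "/protocol/openid-connect/token/introspect")
ROUTER_CLIENT_ID = "router"                  # hypothetical confidential client
ROUTER_CLIENT_SECRET = "constructed-secret"  # constructed sample secret


def build_introspection_request(token, url=INTROSPECT_URL,
                                client_id=ROUTER_CLIENT_ID,
                                client_secret=ROUTER_CLIENT_SECRET):
    """Step 3: authenticate as the confidential client and submit the token."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode(
        {"token": token, "token_type_hint": "access_token"}).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    req.add_header("Authorization", "Basic " + basic)
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    return req


def introspect(token, timeout=5):
    """Send the request and parse the JSON reply (needs a reachable server)."""
    with urllib.request.urlopen(build_introspection_request(token),
                                timeout=timeout) as resp:
        return json.load(resp)


def router_allows(introspection, now=None):
    """Step 4 gate: coarse checks only; scopes are left to the RS.
    Fails closed when 'active' is not true or 'exp' is missing or past."""
    now = time.time() if now is None else now
    if introspection.get("active") is not True:
        return False, "inactive"
    exp = introspection.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "expired"
    return True, "ok"
```

The router would call `router_allows(introspect(token))` and forward the request only when the first element of the result is true; the RS still performs its own scope checks.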