Hello I have web application (UI and REST services java/Wildfly). Keycloak is used as Identity Broker with Salesforce (OpenID Connect Brokering) and if I try to access UI application I can successfully log in via Salesforce. At the moment I need to make REST service call from Salesforce Apex code and authenticate caller by his access_token (provided by Salesforce). Is it possible to make client authentication based on that access_token? (or how can I extend Keycloak adapter and Server via SPI)? Yes, I know about Direct Grant and Service Account if I want to call RestAPI method. But in that cases I need to somehow fill securityContext with rights roles. Regards, Sergei Degtyarev