Hi, I have to create a rest layer to allow a mobile application to interact with KC because mobile developers don't want to use any kind of redirect or webview, only rest calls for login/registration. For a username/password authentication/registration is easy, I can use admin rest api, but for social login (only via facebook), there is a way to get a keycloak JWT token passing a facebook token using admin api or any other rest api? If not, it's better to plug an authentication provider using Authentication SPI or create a custom rest endpoint and generate (don't know how) a JWT? Thanks. -- Luigi De Masi *"Talk is cheap. Show me the code."* * -- Linus Torvalds* -- ------------------------------ Extra srl p: +39 0587975800 a: Via Salvo D'Acquisto 40/P - 56025 - Pontedera - Italy <https://goo.gl/maps/ngs7hecn9By> w: www.extrasrl.it e: info(a)extrasys.it <https://www.facebook.com/Extra-149813195076455/?fref=ts> <https://twitter.com/extrasrl> <https://www.linkedin.com/company/extra-srl> <https://flipboard.com/@extrasrl/soluzioni-per-il-business-0rk6urr6y> <https://www.youtube.com/channel/UCZa_aTznqeh5zoIPKPk1dNg> Le informazioni trasmesse sono riservate alla persona o ente alla quali sono indirizzate e possono contenere informazioni riservate e/o materiale di valore. Qualsiasi revisione, ritrasmissione, diffusione o altro uso, o l'adozione di azioni basate su tali informazioni da parte di soggetti diversi dal destinatario è proibita. Se avete ricevuto per errore questo messaggio, siete pregati di informare il mittente e cancellare il materiale contenuto da ogni computer. The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.