Hi, We are developing mobile application against a headless Drupal using Keycloak as SSO. How can we use the generated JWT token and validate it in Drupal? This is an example event log we are getting from Keycloak. http://site/openid-connect/generic?code=uss.LFgEKlE3AD5MJUlmsiNZ4Vz6tkwv1... We tried the following steps from http://lists.jboss.org/pipermail/keycloak-user/2015-May/002254.html but didnt work. When checking the value *LFgEKlE3AD5MJUlmsiNZ4Vz6tkwv1yhuhnNGGfhdzbQ.1c030743-0487-494f-9e4e-246380e6e96f.46a09a43-5450-4376-a918-ef826188f7b8* from jwt.io we are getting strange reponse. -- *hanks for your reply. We use Keycloak as a SSO and IDP, so the users dont exist in Drupal. Do you have any suggestions on how Drupal can use externally generated jwt tokens when the user doesnt already exist in Drupal? –* owever, Im also developing a mobile client against a headless drupal. In this case I get a jwt token from Keycloak. Im looking to use this token with drupal. *-------------------------------* * John Rey Tanquinco* *-------------------------------*