Hi all, Any idea about this point ? We always get : {"active":false} when we call the api to make an intropection wether the access_token is valid or not. Are there any params to tweek in the console to activate this service ? These are the logs we get in Keycloak where every thing seems to work nicely although i don't have all the details of whats going on : 2017-07-26 16:57:55,679 DEBUG [io.undertow.request.security] (default task-14) Attempting to authenticate HttpServerExchange{ POST /auth/realms/REALM/protocol/openid-connect/token/introspect request {Accept=[*/*], Content-Type=[application/x-www-form-urlencoded ], User-Agent=[curl/7.51.0], Authorization=[Basic ZW1wLW51bS1sb2dpbi1jbGllbnQ6NzVjOWQ4ODMtNGY2YS00ZWMxLWEzZGQtNDU0YjE1ZjNlZDIx], X-Forwarded-Proto=[https], X-Forwarded-Port=[443], Content-Length=[968], Content-Type=[application/x-www-form-urlencoded], Host=[host.com]} response {X-Powered-By=[Undertow/1], Server=[JBoss-EAP/7]}}, authentication required: false 2017-07-26 16:57:55,679 DEBUG [io.undertow.request.security] (default task-14) Authentication outcome was NOT_ATTEMPTED with method io.undertow.security.impl.CachedAuthenticatedSessionMechanism@2724f346 for HttpServerExchange{ POST /auth/realms/REALM/protocol/openid-connect/token/introspect request {Accept=[*/*], Content-Type=[application/x-www-form-urlencoded ], User-Agent=[curl/7.51.0], Authorization=[Basic ZW1wLW51bS1sb2dpbi1jbGllbnQ6NzVjOWQ4ODMtNGY2YS00ZWMxLWEzZGQtNDU0YjE1ZjNlZDIx], X-Forwarded-Proto=[https], X-Forwarded-Port=[443], Content-Length=[968], Content-Type=[application/x-www-form-urlencoded], Host=[host.com]} response {X-Powered-By=[Undertow/1], Server=[JBoss-EAP/7]}} 2017-07-26 16:57:55,679 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-14) new JtaTransactionWrapper 2017-07-26 16:57:55,679 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-14) was existing? false 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) RESTEASY002315: PathInfo: /realms/REALM/protocol/openid-connect/token/introspect 2017-07-26 16:57:55,680 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-14) AUTHENTICATE CLIENT 2017-07-26 16:57:55,680 DEBUG [org.keycloak.authentication.ClientAuthenticationFlow] (default task-14) client authenticator: client-secret 2017-07-26 16:57:55,680 DEBUG [org.keycloak.authentication.ClientAuthenticationFlow] (default task-14) client authenticator SUCCESS: client-secret 2017-07-26 16:57:55,680 DEBUG [org.keycloak.authentication.ClientAuthenticationFlow] (default task-14) Client emp-num-login-client authenticated by client-secret 2017-07-26 16:57:55,680 DEBUG [org.keycloak.events] (default task-14) type=INTROSPECT_TOKEN, realmId=REALM, clientId=emp-num-login-client, userId=null, ipAddress=xx.xx.xx.xx, client_auth_method=client-secret 2017-07-26 16:57:55,680 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-14) JtaTransactionWrapper commit 2017-07-26 16:57:55,680 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-14) JtaTransactionWrapper end 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) MessageBodyWriter: org.jboss.resteasy.spi.ResteasyProviderFactory$SortedKey 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) MessageBodyWriter: org.jboss.resteasy.plugins.providers.ByteArrayProvider 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) Interceptor Context: org.jboss.resteasy.core.interception.ServerWriterInterceptorContext, Method : proceed 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) InterceptorWriter: org.jboss.resteasy.plugins.interceptors.encoding.GZIPEncodingInterceptor 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) Interceptor : org.jboss.resteasy.plugins.interceptors.encoding.GZIPEncodingInterceptor, Method : aroundWriteTo 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) Interceptor Context: org.jboss.resteasy.core.interception.ServerWriterInterceptorContext, Method : proceed 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) InterceptorWriter: org.jboss.resteasy.security.doseta.DigitalSigningInterceptor 2017-07-26 16:57:55,680 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) Interceptor Context: org.jboss.resteasy.core.interception.ServerWriterInterceptorContext, Method : proceed 2017-07-26 16:57:55,681 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) MessageBodyWriter: org.jboss.resteasy.spi.ResteasyProviderFactory$SortedKey 2017-07-26 16:57:55,681 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) MessageBodyWriter: org.jboss.resteasy.plugins.providers.ByteArrayProvider 2017-07-26 16:57:55,681 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-14) Interceptor Context : org.jboss.resteasy.core.interception.ServerWriterInterceptorContext, Method : writeTo Thanks for any help about this point.