Revisited keycloak 1.9 cr1 after a long time. While the basic and implicit flows work properly, noticed that the token validation is failing due to the lack of kid in token header. Did anyone come across the same problem or am I missing something? Btw we use our own oidc client libraries to interact with KC, which were tested against commercial products Thanks, Raghu Sent from my iPhone _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user