Hi, I'm having some issues understanding how to use the "Scope Param Required" switch when creating a role on my client. I have created a new client in the master realm, lets call it "master-client". Next I went to Clients > Master-client -> Roles and added a role named "role-one". In the wizard where I created the role I selected true on the switch "Scope Param Required". After that I created a new user and added the role "role-one" to that user. When I look at the access token the user receives when logging in using the javascript adapter I can not see "role-one" in the roles array in the resource_access object. I get this: "resource_access": {}. However, If I edit the role and select false on the switch "Scope Param Required" I can see "role-one" in the JWT: "resource_access": { "master-client": { "roles": [ "role-one" ] } } What am I missing? I'm using Keycloak 3.1.0.FINAL and keycloak-js 3.4.3, Cheers, Ulrik _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user