[keycloak-user] Keycloak grant_type

[Tech]

Hi,

We are trying to setup a working login infrastructure as follows: an 
application which we are trying to login through Keycloak.

The flow is as follows: we get to the application, which redirects us to 
Keycloak, which should log the user and give correct access rights. This 
works, Keycloak is putting the correct cookies (KEYCLOAK_IDENTITY, 
KEYCLOAK_SESSION) and that redirects us back to the application.

The problem that we have is that we are not able to identify the user 
logged in to KeyCloak. This is doable by the access_token, if we would 
work with REST calls, but we only have the KEYCLOAK_IDENTITY cookie.

We are trying to somehow get the openid token with this 
url /auth/realms/demo/protocol/openid-connect/token with the following 
URL Encoded params:

- grant_type: authorization_code
- client_id: *client-id*
- client_secret: *secret*
- code: ???what code should we provide here??? (we tried adding the code 
seen from browser requests but that throws invalid_code error)

The actual problem is that there is no available example in the 
documentation (or at least we didn't find any) that shows how to setup a 
login flow without access_token request.

Thanks,

Alin