[keycloak-user] obtaining token for CLI when using identity brokering

[Tim Dudgeon]

Apologies if this was already sent/answered, by my subscription to the 
ML was cut without my realising it, so I think my first attempt to send 
was not successful.
And there seems to be no archive of the ML for me to check.

My scenario:

1. My keycloak realm is set up to manage users with identity brokering 
(e.g. they login through GitHub etc.)
2. I have public client in that realm that has REST API that requires 
access to be authenticated
3. I want to access that API using curl or other CLI tool so need to 
provide an access token.

If my users were added to Keycloak directly I could get that token like 
this:

curl --data 
"grant_type=password&client_id=myclientid&username=user1&password=user1" 
https://<server:port>/auth/realms/realmname/protocol/openid-connect/token

But this will not work when using identity brokering.
So I was a assuming the user could login to keycloak with a browser and 
then find a token there and copy it.
But if I login as a user at this URL 
https://<server:port>/auth/realms/realmname/account I get logged in 
using the identity broker but I can't find a token anywhere.

How do I manage this?

Tim