Access token content and length

Hello all,
I have implemented authorization code flow for a client who has full-stack app, and at the end of the flow, access token is returned to the front-end. Initial idea is to store the access token to local storage, but it’s possible to change this, if it turns out to be insecure, I see that there is a lot of debate about this.
What bothers me is that access token seems to contain information about the user as well.
Does anyone knows is it possible to remove this data from the token?

{ "iat": 1626951280,
  "auth_time": 1626951277,
  "jti": "8d22f905-e9be-4f0b-9728-08f73a5ada05",
  "iss": "https://idp-testcloudapp/auth/realms/Demo",
  "aud": "",
  "sub": "30fa93xc-b744-489a-bd2f-5e3277311346",
  "typ": "Bearer",
  "azp": "",
  "session_state": "7re4e92a-57a9-47e8-b385-986ea431e05e",
  "acr": "1",
  "allowed-origins": [
  "scope": "openid profile email",
  "email_verified": false,
  "name": "test Local",
  "preferred_username": "test-local",
  "given_name": "Test",
  "family_name": "Local",
  "email": ""

Additional bonus question, is it possible to reduce the length of the access token? For example, in open id specs, access token looks like this: “access_token”: “SlAV32hkKG”, but one generated from keycloak is a lot longer.

I managed to find the solution, at least for the main part. It seems that keycloak maps all the data to the both id and access tokens.

We need to go client scopes tab, and from there into desired scopemappers → and then there is list of settings, including ‘add to id token’ and ‘add to access token’ buttons, which are by default turned on. We just need to switch ‘add to access token’ to off and that’s it. It is little bit hidden and you need to go one by one, but it does the job.
Hope this will help someone in the future.

That’s IMHO some OAuth access token, but Keycloak generates JWT. Random doc: When To Use JWT Vs. OAuth2.0 Access Token

This does makes sense. Thank you @jangaraj