Cannot access Admin REST API with access token

I am evaluating keycloak for my application, and i cannot access Admin REST API via access token (got always 401).

What i did are following:

  1. start keycloak docker container by using the command docker run -p 8081:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:11.0.3 (i used the port 8081 because my application uses the port 8080)
  2. request an access token using Postman:
  3. copy the access token from the above step and call the Admin REST API http://localhost:8081/auth/admin/realms/maste/users in Postman with the access token

Unfortunately i got 401. Did i miss somthing?

Did you set the admin-cli Access Type to confidential?

See: Getting started with Keycloak

Thank you for your answer! I figured out my problem.

The keycloak server, which is started by the docker image quay.io/keycloak/keycloak:11.0.3, generates JWT token with "iss": "http://default-host:8080/auth/realms/myRealm". My application accesses the keycloak via the URL http://localhost:8081/auth. The URL does not match, so i got 401.

The solution is: start the keycloak docker container with the porperty -Djboss.http.port=8081, and then use JBoss CLI to change the default-host to the localhost. After that the generated JWT token contains the correct URL "iss": "http://localhost:8081/auth/realms/myRealm"