Controll all resource api endpoint on one keycloak multiple spring application

Hi, Everyone.
I saw so many example about making spring boot application. but i can’t under stand about something

  1. If i already have multiple application, I want to change to control all of resource api endpoint. as far as i understood i can use spring-oauth-dependency with spring-security-dependency or keycloak-springboot-starter with spring-security-dependency. when i tested using second one, i got 403 for example /accounts/account and /mine. only can access to /accounts. i’ll post my test code and anyone who know how to control the application resource only declare at keycloak just let me know

type or paste code here
resource: user-management
realm: integration-app
auth-server-url: http://localhost:9055/
ssl-required: external
use-resource-role-mappings: true
realm-key: ${my-realm-key}
secret: {$my-client-secret}

#and my only
public class KeycloakConfig extends KeycloakWebSecurityConfigurerAdapter {
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
        keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
    protected void configure(HttpSecurity http) throws Exception
                .antMatchers("/common*").permitAll()// i don't want to using more control api endping on application
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .authenticationEntryPoint((request, response, authException)
                        -> response.sendRedirect("/realms/integration-app/protocol/openid-connect/auth?client_id=user-management&redirect_uri=http://localhost:9001&response_type=code&scope=openid"))
  1. I confused to concept about OIDC between Oauth2.0 perspect on application. i saw so many application is using spring-oauth with spring-security. In this case, On perspect application, isn’t it Oauth the main spec? I already know the OIDC is upper concept Oauth2.0. but, the reason of i’m trying to using keycloak is using OIDC and do SSO.