Hi, everyone.
I saw so many examples about making a Spring Boot application, but I can't understand something.
- If I already have multiple applications, I want to change to controlling all of the resource API endpoints. As far as I understood, I can use the spring-oauth dependency with the spring-security dependency, or keycloak-springboot-starter with the spring-security dependency. When I tested using the second one, I got 403 for example /accounts/account and /mine; I can only access /accounts. I'll post my test code, and if anyone knows how to control the application resources only by declaring them in Keycloak, just let me know.
#application.yml
keycloak:
  resource: user-management
  realm: integration-app
  auth-server-url: http://localhost:9055/
  ssl-required: external
  use-resource-role-mappings: true
  realm-key: ${my-realm-key}
  credentials:
    # placeholder syntax is ${...}, not {$...}
    secret: ${my-client-secret}
#and my only KeycloakConfig.java
import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration
@KeycloakConfiguration
public class KeycloakConfig extends KeycloakWebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
        // Map Keycloak roles to Spring authorities (ROLE_ prefix, upper case by default)
        keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
        auth.authenticationProvider(keycloakAuthenticationProvider);
    }

    // Abstract in KeycloakWebSecurityConfigurerAdapter, so it must be implemented
    // for the class to compile; this is the adapter's documented choice for servlet sessions
    @Bean
    @Override
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http
            .authorizeRequests()
            .antMatchers("/common*").permitAll() // I don't want to add more endpoint access control in the application
            .anyRequest().authenticated()
            .and()
            .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .and()
            .exceptionHandling()
            .authenticationEntryPoint((request, response, authException)
                -> response.sendRedirect("/realms/integration-app/protocol/openid-connect/auth?client_id=user-management&redirect_uri=http://localhost:9001&response_type=code&scope=openid"));
    }
}
- I am confused about the concept of OIDC versus OAuth 2.0 from the application's perspective. I saw so many applications using spring-oauth with spring-security. In this case, from the application's perspective, isn't OAuth the main spec? I already know OIDC is a layer on top of OAuth 2.0, but the reason I'm trying to use Keycloak is to use OIDC and do SSO.
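As an added illustration (not code from the post, Keycloak, or Spring), here is a standalone Python model of how the adapter derives Spring authorities from an access token under the settings posted above: which claim it reads depends on use-resource-role-mappings, and SimpleAuthorityMapper then upper-cases and ROLE_-prefixes each role. The token and its claims are constructed sample values; unlike this model, the real adapter verifies the token signature against realm-key before trusting any claim.

```python
import base64
import json

# Added model (not Keycloak adapter code) of how the Spring adapter turns token
# claims into Spring authorities under the posted config: realm_access.roles by
# default, resource_access[<resource>].roles when use-resource-role-mappings is
# true, then SimpleAuthorityMapper upper-cases each role and prefixes ROLE_.

def decode_payload(token: str) -> dict:
    """Decode the JWT payload segment (base64url, unpadded). The signature is
    NOT verified here; the adapter checks it against realm-key first."""
    segment = token.split(".")[1]
    segment += "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(segment))

def keycloak_roles(payload: dict, resource: str, use_resource_role_mappings: bool) -> list:
    if use_resource_role_mappings:
        return payload.get("resource_access", {}).get(resource, {}).get("roles", [])
    return payload.get("realm_access", {}).get("roles", [])

def simple_authority_mapper(roles, prefix: str = "ROLE_") -> set:
    """Mirror SimpleAuthorityMapper defaults: upper-case, ROLE_ prefix."""
    mapped = set()
    for role in roles:
        name = role.upper()
        mapped.add(name if name.startswith(prefix) else prefix + name)
    return mapped

def authorities_for(token: str, resource: str, use_resource_role_mappings: bool) -> set:
    roles = keycloak_roles(decode_payload(token), resource, use_resource_role_mappings)
    return simple_authority_mapper(roles)

def build_unsigned_token(payload: dict) -> str:
    """Constructed sample token for offline use only (no real signature)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(payload)}.unsigned"

# Constructed claims for a user in realm "integration-app" (sample values only).
SAMPLE_PAYLOAD = {
    "iss": "http://localhost:9055/realms/integration-app",
    "azp": "user-management",
    "realm_access": {"roles": ["account-manager"]},
    "resource_access": {"user-management": {"roles": ["account-viewer"]},
                        "account": {"roles": ["manage-account"]}},
}

if __name__ == "__main__":
    print(sorted(authorities_for(build_unsigned_token(SAMPLE_PAYLOAD), "user-management", True)))
```

With use-resource-role-mappings set to true, a user who only holds realm roles ends up with no authorities at all, so any hasRole rule on a route answers 403 even though the user is authenticated; compare the two settings before blaming the endpoint rules.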