I’m creating a platform in which its possible to create a new realm dynamically,
I can create the new real, user, … with a client in the master realm.
The user can login using the login page of the realm (I would prefer to use the api) and have their token.
The problem that I see is when the web app try to call and endpoint in the gateway I have to check that the token is valid, for that you have to use “protocol/openid-connect/token/introspect” endpoint of keycloak but I have to pass a client from the realm that the user belong, can’t use the master client.
Is there any way to validate the token with only a client from the master realm?, If not how could I do it?