EJB to API call


I want to call a rest endpoint with current authenticated user in EJB context.

What I have:

  • Keycloak 8.0.2
  • Wildfly 17.0.1 + Keycloak Adapter
  • 2 JavaEE 8 with JSF applications configured in Keycloak (Client A, Client B)
  • Clients A and B can authenticate user, get roles, SSO working, etc…
  • I managed to get Access Token and Id Token of current user using keycloakPrincipal

What I want:

An user authenticated in Client B uses a functionality that call REST API on Client A, and Client A needs to know what user is requesting its endpoint.

From what I googled this should be simpler, but I failing miserably, can you help me?

So far, I succesfully get userinfo openid address (protocol/openid-connect/userinfo) using current logged user access token, but for rest endpoint, always 401.

Debug infos:
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-2) Failed to verify token
[org.keycloak.adapters.RequestAuthenticator] (default task-2) Bearer FAILED