How can I encrypt my access token in Keycloak UI (23.0.0)

Scenario: By using the Keycloak token API I got an access token. If I put this in I can able to all the user or sensitive data. I have found that we can disable the claims which we don’t want to display in the token. But this is not my case: I want the claims, but it should not be decrypted when I put it in the

Can anyone help me with the above scenario?

Not sure whether this is a case of an XY problem, but the JWT claims are not supposed to be encrypted as they need to be interpreted by generic client applications. The transfer is supposed to be encrypted.

Got it, thanks for the update!

There is a spec of JWE (JSON Web Encryption), but I’m not sure if Keycloak does support this in any way. JWE is an add-on spec; OIDC does not require the token to be encrypted!! So, having an unencrypted token is aligned with the specs implemented by Keycloak.


Got it, thanks for the clarification @dasniko !
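The distinction drawn in the replies above, as an added example that is not part of the original thread and is not Keycloak code: a signed token (JWS) is only base64url-encoded, so its claims are readable without any key, while the signature is what detects modification; a JWE has five segments and an opaque payload. The HS256 algorithm, the key, the claims and all function names are assumptions constructed for the example.

```python
import base64, hashlib, hmac, json

# Constructed sample values, not taken from any real realm.
SAMPLE_KEY = b"constructed-demo-key"
SAMPLE_CLAIMS = {"sub": "user-123", "preferred_username": "alice",
                 "email": "alice@example.test"}

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(segment: str) -> bytes:
    # Compact serialization strips '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def make_signed_token(claims: dict, key: bytes) -> str:
    """Build a constructed HS256 JWS in compact form (sample input only)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)

def inspect_token(token: str) -> dict:
    """Report what a party holding no key at all can read from a token."""
    parts = token.split(".")
    header = json.loads(b64url_decode(parts[0]))
    if len(parts) == 3:   # JWS: header.payload.signature
        claims = json.loads(b64url_decode(parts[1]))
        return {"format": "JWS", "header": header, "readable_claims": claims}
    if len(parts) == 5:   # JWE: header.encrypted_key.iv.ciphertext.tag
        return {"format": "JWE", "header": header, "readable_claims": None}
    raise ValueError("not a compact JWS or JWE")

def signature_valid(token: str, key: bytes) -> bool:
    """Integrity check: the signature covers header and payload."""
    signing_input, _, sig = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, b64url_decode(sig))

if __name__ == "__main__":
    token = make_signed_token(SAMPLE_CLAIMS, SAMPLE_KEY)
    print(inspect_token(token))                 # claims readable, no key used
    print(signature_valid(token, SAMPLE_KEY))   # key needed only to verify
```

Because any holder of a signed token can read it, the practical controls are the ones already named in the thread: keep sensitive claims out of the token and rely on encrypted transport.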