Huge JWT Token size

We have a realm per customer, multi-tenant architecture. (Expected to have around 500 realms) There is a service account we use, a client in the master realm that will manage the customer realms. The problem is the huge JWT token that increases in size as the number of realms increases. This is due to the 20+ client roles of each new realm. What are the different options we have to keep the token size low?

Not including the roles in the JWT but using the Userinfo Endpoint instead. See JWT: How to deal with it if the jwt contains too many roles and is therefore too large? · Discussion #14032 · keycloak/keycloak · GitHub

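To make the size problem and the suggested fix concrete, here is an added Python example (it is not code from this thread or from Keycloak). It builds the `resource_access` claim that Keycloak emits for a master-realm service account holding the realm-management roles of every customer realm, compares the compact-JWT size with and without that claim, shows what a "client roles" protocol mapper that keeps roles out of the access token but still serves them from `/userinfo` looks like, and reads the roles for one realm back out of a userinfo response. The realm names, role list, base claims and the sample userinfo document are constructed; the mapper config keys are written from memory of realm exports and should be checked against your Keycloak version.

```python
import base64
import json

# Constructed: the realm-management roles Keycloak creates in the master realm
# for every customer realm, on a client named "<realm>-realm". One entry of
# this shape per realm is what grows the service account's token.
REALM_MANAGEMENT_ROLES = [
    "view-users", "manage-users", "query-users", "query-groups",
    "view-clients", "manage-clients", "query-clients", "create-client",
    "view-realm", "manage-realm", "query-realms",
    "view-events", "manage-events",
    "view-identity-providers", "manage-identity-providers",
    "view-authorization", "manage-authorization",
    "impersonation", "realm-admin",
]

# Constructed base claims of a client-credentials token (no roles yet).
BASE_CLAIMS = {
    "iss": "https://sso.example.test/realms/master",
    "sub": "3f0c2c6e-0000-4000-8000-000000000001",
    "aud": "account",
    "azp": "tenant-admin",
    "typ": "Bearer",
    "iat": 1700000000,
    "exp": 1700000300,
    "scope": "profile email",
    "preferred_username": "service-account-tenant-admin",
}


def b64url(data: bytes) -> str:
    """Base64url without padding, as used in compact JWS."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def resource_access_claim(n_realms: int, roles=REALM_MANAGEMENT_ROLES) -> dict:
    """resource_access claim for a service account that holds the
    realm-management roles in n_realms customer realms."""
    return {f"customer-{i:04d}-realm": {"roles": list(roles)} for i in range(n_realms)}


def jwt_size(payload: dict) -> int:
    """Byte length of header.payload.signature for this payload. The header
    and the 256-byte RS256 signature are fixed stand-ins; only the payload varies."""
    header = b64url(json.dumps({"alg": "RS256", "typ": "JWT", "kid": "constructed"},
                               separators=(",", ":")).encode())
    body = b64url(json.dumps(payload, separators=(",", ":")).encode())
    signature = b64url(bytes(256))  # placeholder, same length as a 2048-bit RSA signature
    return len(f"{header}.{body}.{signature}")


def token_with_roles(n_realms: int) -> int:
    payload = dict(BASE_CLAIMS)
    payload["resource_access"] = resource_access_claim(n_realms)
    return jwt_size(payload)


def token_without_roles() -> int:
    return jwt_size(BASE_CLAIMS)


# Assumed shape of the "client roles" mapper in a realm export (keys from memory,
# verify against your version): roles stay out of the access and ID tokens but
# are still returned by the userinfo endpoint.
CLIENT_ROLES_MAPPER_SLIM = {
    "name": "client roles",
    "protocol": "openid-connect",
    "protocolMapper": "oidc-usermodel-client-role-mapper",
    "config": {
        "claim.name": "resource_access.${client_id}.roles",
        "multivalued": "true",
        "access.token.claim": "false",
        "id.token.claim": "false",
        "userinfo.token.claim": "true",
    },
}

# Constructed userinfo response for one customer realm (what /userinfo returns
# when the mapper above is in place and the caller presents the slim token).
SAMPLE_USERINFO = {
    "sub": BASE_CLAIMS["sub"],
    "preferred_username": BASE_CLAIMS["preferred_username"],
    "resource_access": {"customer-0007-realm": {"roles": ["view-users", "manage-users"]}},
}


def roles_from_userinfo(userinfo: dict, realm: str) -> list:
    """Realm-management roles for one customer realm, read from userinfo
    instead of from the token. Missing realm or claim yields an empty list."""
    return userinfo.get("resource_access", {}).get(f"{realm}-realm", {}).get("roles", [])


def can_manage_users(userinfo: dict, realm: str) -> bool:
    return "manage-users" in roles_from_userinfo(userinfo, realm)


if __name__ == "__main__":
    for n in (1, 50, 500):
        print(f"{n:4d} realms with roles in token: {token_with_roles(n):8d} bytes")
    print(f"     roles moved to userinfo:      {token_without_roles():8d} bytes")
    print("customer-0007 manage-users:", can_manage_users(SAMPLE_USERINFO, "customer-0007"))
```

The size function counts only the payload growth, which is the part the mapper change removes; the check function then authorises from a userinfo document rather than from token claims, so the token stays a fixed size whatever the realm count. Note that `/userinfo` is one extra round trip per decision, so cache the result for the token's lifetime rather than calling it per request.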