We have a situation where KeyCloak has been configured in a way where there are a lot of roles defined for each KeyCloak User associated with different KeyCloak clients.
For example, When a user registers to System 1 - the user automatically get these 200 roles.
Now when the same user logs in with System 8 using OIDC flow, System 8 will get all 200+ roles associated for this user in the Access Token, although these roles are irrelevant to system 8 - We are managing System 8 and The problem we are facing is The Access Token is a very large token (6KB) and system 8 implements OIDC flow for Single Page App through cookies, and cookies’ limit is 4KB.
Now the main question is - is there a way to configure KeyCloak to limit what it sends to the Token in a way it does not send all the rôles data of roles associated with other KeyCloak clients as described in above example?