Keycloak Cross Realm Token Exchange

Hi, I am new to keycloak, and i was struggling on how to initiate a token exchange request.

I have a openid client A configured in Realm A. My requirement is to exchange the token i recieved from client A, to get the token from client B configured in Realm B.

I was trying out the examples for external to internal token exchange. And i had configured the client A as an oidc in Realm B and executing the below cURL:

curl -L -X POST ‘https://localhost:8000/auth/realms/realmB/protocol/openid-connect/token
-H ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode ‘client_id=clientA’
–data-urlencode ‘client_secret=clientASecret’
–data-urlencode ‘subject_token=clientAToken’
–data-urlencode ‘subject_issuer=clientA-oidc’
–data-urlencode ‘audience=clientB’
–data-urlencode ‘grant_type=urn:ietf:params:oauth:grant-type:token-exchange’

Hi, I think it needs to be client_id=clientB (same for secret).
You are asking for a client from B, so, endpoint B, clientB.
You are providing as credentials the token from A, so, tokenA, issuer A.