Trying different options in logout. The real ask is to revoke the access token and refresh token.
Steps:
- Authenticate a user in Keycloak - get access_token, expiry, refresh_token, expiry, type…
- After use of the tokens (sessions), want to revoke the access_token and refresh_token
- Have not persisted the refresh_token in the database
- Tried the UserResource.logout API - returns 403 Forbidden
- Tried the HTTP Java implementation to logout - it asks for refresh_token
- If I give the refresh token manually - logout succeeds - session in Admin console shows 0
Is there a way to get the refresh_token from the access_token, so that it can be passed to the logout endpoint as a form-encoded attribute?
Any help much appreciated.
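
The two logout routes mentioned in the post, as an added example that is not part of the original post: the form-encoded logout call that needs the refresh token, and an Admin REST call that ends the session by the session id read from the access token. The host, realm, client id and sample token are constructed placeholders, and the code assumes the access token carries a `sid` claim and that the server uses the `/realms/...` path layout with no `/auth` prefix.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpRequest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class KeycloakLogoutExample {
    // Assumed placeholders, not values from the post.
    static final String BASE = "https://keycloak.example.test";
    static final String REALM = "demo";
    static final String CLIENT_ID = "my-client";

    // Reads the "sid" (session id) claim from a compact JWT; returns null if absent.
    // Validate the token's signature before trusting this value.
    static String sessionId(String accessToken) {
        String[] parts = accessToken.split("\\.");
        if (parts.length != 3) throw new IllegalArgumentException("not a compact JWT");
        String payload = new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        Matcher m = Pattern.compile("\"sid\"\\s*:\\s*\"([^\"]+)\"").matcher(payload);
        return m.find() ? m.group(1) : null;
    }
    // Logout as described in the post: refresh_token goes in the form-encoded body
    // (a confidential client also sends client_secret).
    static HttpRequest logoutWithRefreshToken(String refreshToken) {
        String form = "client_id=" + enc(CLIENT_ID) + "&refresh_token=" + enc(refreshToken);
        return HttpRequest.newBuilder(URI.create(BASE + "/realms/" + REALM + "/protocol/openid-connect/logout"))
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(form)).build();
    }
    // Admin REST route: delete the session by id. The admin token must be allowed to manage users.
    static HttpRequest deleteSession(String sid, String adminToken) {
        return HttpRequest.newBuilder(URI.create(BASE + "/admin/realms/" + REALM + "/sessions/" + enc(sid)))
                .header("Authorization", "Bearer " + adminToken).DELETE().build();
    }
    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }

    public static void main(String[] args) {
        // Constructed, unsigned sample token (header.payload.signature) so this runs offline.
        String payload = "{\"sub\":\"user-1\",\"sid\":\"3f2c9a10-constructed\"}";
        String token = "e30." + Base64.getUrlEncoder().withoutPadding()
                .encodeToString(payload.getBytes(StandardCharsets.UTF_8)) + ".sig";
        HttpRequest del = deleteSession(sessionId(token), "<admin_access_token>");
        System.out.println("sid = " + sessionId(token));
        System.out.println("POST " + logoutWithRefreshToken("<refresh_token>").uri());
        System.out.println(del.method() + " " + del.uri());
    }
}
```

The requests are only built and printed, not sent; send them with `java.net.http.HttpClient` against a real server.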