Look Up Access Token For User

We currently have a use case where we need to get the currently assigned Access Token for a User / Realm / Client combination so that we can pass that along to the 3rd party for which it was assigned, so that they can perform a mapping on their side.

Is there a way to fetch the currently issued Access Token for the User / Realm / Client combination?

Dear dbg,

Yes, it is possible using the restapi. The token expiration time is in our hand. We can keep the same token life for 30 mins or 24 hours and using api we will get the same token. But for this you have to pass the clientid and secret from client. This realm should have only read access.

  1. Create a new realm internal (used in this curl)

  2. Create a new client eba1360f.

  3. Change access type to confidential.

  4. Copy the credentials secret from client options in 2nd tab.

  5. Use the same client and secret to get the token.

     curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Accept:application/json" -d "grant_type=client_credentials&redirect_uri=https:
     //secure-sso-rhsso-np.apps.com/auth/realms/internal/protocol/openid-connect/auth&client_id=eba1360f&client_secret=abb42c53b34cec00dcf86733a8253b97"
     https://secure-sso-rhsso-np.apps.com/auth/realms/internal/protocol/openid-connect/token