Newbie question: If I create a new keycloak realm, where do I find the key that can be used to authenticate its issued tokens?

I recently took over a project for which the previous authentication guy has left, so I’ve been left high and dry. Our existing setup used only one keycloak realm, so the secret was hardcoded in the application code. However, my task involves expanding this to use several (new) realms. I am using express-jwt to authenticate tokens. How can I (ideally programmatically) get the secret for a given realm that should be passed to express-jwt to authenticate the tokens that keycloak issues?