Unable to request resource from one client to another


I am playing with KC and in scenario I am testing I have ClientA which makes http request to ClientB.

ClientB has declared resources which contains role policies, etc…

ClientA makes login. Receives access token which is then sent during request to ClientB in header.

Everything works nice without Authorization but with Authorization settings I always get 403.

I looked at the access token and it just contains basic info about user. I guess it misses some claim about what resources user can use.

Anyone who could point me in right direction of which settings I should look at?

Also, I know description is brief but i will gladly provide additional info.

Thank you.