Wordpress session and consume api

My goal is to get a token from the active php session and use/renew it from javascript. I don’t know how or if it is possible.

In some projects I’ve used Keycloak Javascript Adapter. Configuring a keycloak client with access type public I was easily able to login/logout users, retrieve/renew token and consume api passing token through each ajax request.

Now I need to develop a wordpress plugin that use keycloak. I’m taking advantage of a great plugin: openid connect generic client (OpenID Connect Generic Client – WordPress plugin | WordPress.org). In this way all user signin/signup using keycloak. In order to do this I’ve configured in keycloak a client with access type confidential.

In my wordpress plugin I need to consume some api from javascript. In javascript I’m not able to configure keycloak because I would need a client with access type public. Creating another client in keycloak I should ask users to login again?

/token keycloak rest api doesn’t seem to work. I could call it passing

client_id=<Application1's client id>
client_secret=<the client secret>
username=<the username>
password=<the password>
scope=<space delimited list of scope requests>

But I’m not handling at all user credentials so I can’t pass any password.

I’m stuck, any help would be appreciated.