I'm trying to interact with Keycloak via its REST API. I have the master realm and the default admin user, and a test realm. Firstly, I get an access token for the admin account and test realm:
let data = { grant_type : 'password', client_id : 'test-realm', username : 'admin', password : 'admin'};let headers = {'Content-Type': 'application/x-www-form-urlencoded'};axios.post('https://someurl.com:8080/auth/realms/master/protocol/openid-connect/token', qs.stringify(data), headers)That works ok. Then I try to make a call to create a user (or do anything else) and I get a 401 unauthorized error:
headers = {'Content-Type': 'application/x-www-form-urlencoded','Authorization': `Bearer ${accessToken}`};data = { rep: { email: "test@email.com", username: "test@email.com" }, path: 'test-realm'};axios.post('https://someurl.com:8080/auth/admin/realms/test-realm/users', qs.stringify(data), headers)Is that not the correct way to include the token? Is the access token the one you use for authenticating other API calls? Shouldn't the admin account's token work for authenticating calls to other clients with the master realm? Would it be some setting in the master realm that I have to change in the admin console? Any help appreciated.