Keycloak Cross Realm Token Exchange


I am new to Keycloak, and I am struggling with how to initiate a token exchange request.

I have an OpenID client A configured in Realm A. My requirement is to exchange the token I received from client A to get the token from client B configured in Realm B.

I was trying out the examples for external to internal token exchange. I had configured client A as an OIDC in Realm B and am executing the cURL command below:

curl -L -X POST 'http://localhost:8000/auth/realms/realmB/protocol/openid-connect/token' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'client_id=clientA' \
  --data-urlencode 'client_secret=clientASecret' \
  --data-urlencode 'subject_token=clientAToken' \
  --data-urlencode 'subject_issuer=clientA-oidc' \
  --data-urlencode 'audience=clientB' \
  --data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:token-exchange'

Thanks in advance.
