We have a realm-per-customer, multi-tenant architecture and want to reduce the jwt token size of the master client that will create around 500 tenants. With every new tenant added, token size increases due to the client roles of the new tenants. We can remove them from token via client role mapper, but then we cannot manage the realm. If we can set “use-resource-role-mappings” of the new realm’s client to false, it will only check “aud” and will still allow us to manage the realm. But it seems this cannot be configured via kc admin portal. Is there a way to do it? Or is there another way to keep the JWT token size minimal?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Huge JWT Token size | 1 | 3333 | September 13, 2022 | |
| Keycloak custom admin client causes LARGE token size | 1 | 597 | February 9, 2021 | |
| Manage user from other realm with APIs | 0 | 443 | September 16, 2020 | |
| Keycloak - large tokens - lazy role evaluation | 2 | 1498 | April 23, 2022 | |
| Returning client roles in realm for single client | 9 | 3386 | July 18, 2024 |