Explain how to validate Keycloak generated access tokens by backend APIs.
For the demonstration Keycloak Identity & access management system, Spring Boot, and a Postman client is used
Image by Pete Linforth from Pixabay
https://pixabay.com/illustrations/cyber-network-technology-futuristic-3400789/
00:00 - Intro
02:03 - How an API validates JWT
03:00 - Mandatory Claims
04:00 - Signature validation
05:18 - Implementation
05:55 - Code walkthrough
11:28 - Demonstration
