Scenario - Legacy application(s) which needs to be authenticated using OpenID connect. We are using keycloak as the IP.
All, I really need is a single authentication mechanism for multiple applications. After authenticating, I also need is the 'user-id'
information (claim).
I have the access_token (scope openid
). Do I also need an id_token
to access the "user-id" information? or DO I need to decode "access_token
?