From 024abd72b9ddb6e6fdcf3b6248fa9a8c11127276 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mariusz=20=60shd=60=20Gliwi=C5=84ski?= <shd@nawia.net>
Date: Sun, 27 Apr 2025 10:48:04 +0200
Subject: [PATCH] Enable the Keycloak Admin REST API: use the
 client_credentials grant without "admin" prefix for retrieving bearer token,
 "Authorization" instead of "Authentication" for testing access to the Admin
 API

---
 .../external-iam/configure-keycloak-identity-management.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/source/operations/external-iam/configure-keycloak-identity-management.rst b/source/operations/external-iam/configure-keycloak-identity-management.rst
index cde64d158..720d8496c 100644
--- a/source/operations/external-iam/configure-keycloak-identity-management.rst
+++ b/source/operations/external-iam/configure-keycloak-identity-management.rst
@@ -172,15 +172,15 @@ You can validate the functionality by using the Admin REST API with the MinIO cl
 
       curl -d "client_id=minio" \
            -d "client_secret=secretvalue" \
-           -d "grant_type=password" \
-           http://keycloak-url:port/admin/realms/REALM/protocol/openid-connect/token
+           -d "grant_type=client_credentials" \
+           http://keycloak-url:port/realms/REALM/protocol/openid-connect/token
 
 2. Use the value returned as the ``access_token`` to access the Admin API:
 
    .. code-block:: shell
       :class: copyable
 
-      curl -H "Authentication: Bearer ACCESS_TOKEN_VALUE" \
+      curl -H "Authorization: Bearer ACCESS_TOKEN_VALUE" \
            http://keycloak-url:port/admin/realms/REALM/users/UUID
 
    Replace ``UUID`` with the unique ID for the user which you want to retrieve.