Is there is a way to debug 401 error?

[ahmedmozaly-sg]

On localhost, When I get a token with

curl \
  -d "client_id=admin-cli" \
  -d "username=admin" \
  -d "password=password" \
  -d "grant_type=password" \
  "http://localhost:8080/auth/realms/master/protocol/openid-connect/token"

Then use this token to export any realm, it works as expected
But on prod instance, Token obtained for admin user can only export master realm, Any other realm gives 401 error (although token can be used to access other apis endpoints in any other realm)

Is there is a way to debug 401 errors?

[fperot74]

Are you using {{keycloak_path}}/realms/{{your_realm}}/export/realm?
What is strange is that 401 should mean your token is not valid for the given realm. Are you using in prod a user who have rights to act on the given realm? (anyway, if it is a matter of rights, it should be a 403 error)
If you want to debug, you can add --debug to your Keycloak start command line

[ahmedmozaly-sg]

Yes, I'm using {{keycloak_path}}/realms/{{your_realm}}/export/realm
And the strange thing, The same token works for any other endpoint except {{keycloak_path}}/realms/{{your_realm}}/export/realm

Will try to use --debug and see