I faced a problem when I tried to use user roles on JHipster 5.x to limit access or filter results; Keycloak returns a token that includes user roles but under wrong path! Keycloak put user roles at realm_access.roles while Spring Security check roles at root of token playload.
I solve this issue in Keycloak and add user roles in roles of playload; Here I want share it with you.