I need to block user access to Keycloak Account client (/auth/realms/[MYREALM]/account) but I need the Rest API provided by this client.
I'm using Keycloak 4.1.0. I have tried to disable account client through keycloak admin panel (/auth/admin/master/console/#/realms/[MYREALM]/clients), but if I disable this client, Account Rest API is no longer working.
There is an Apache in front of this Keycloak and I guess I could filter requests using Apache, but I'm not allowed to do it.