diff --git a/pl/web/browsers/firefox/tools/web-developer.txt b/pl/web/browsers/firefox/tools/web-developer.txt
index 287d37285..6ce91ca21 100644
--- a/pl/web/browsers/firefox/tools/web-developer.txt
+++ b/pl/web/browsers/firefox/tools/web-developer.txt
@@ -14,5 +14,9 @@ https://firefox-source-docs.mozilla.org/devtools-user/network_monitor/request_li
         https://regexone.com/
         https://regexper.com
 
+persistent log
+about:config - persistlog
+https://stackoverflow.com/questions/21526871/can-i-prevent-the-firefox-developer-tools-network-panel-from-clearing-on-page-re
+
 2020
 https://alan.norbauer.com/articles/browser-debugging-tricks
diff --git a/security/jwt.txt b/security/jwt.txt
index 015908c7d..1b9ff6bbd 100644
--- a/security/jwt.txt
+++ b/security/jwt.txt
@@ -2,6 +2,12 @@ https://jwt.io/
     s a standard RFC 7519 for exchanging cryptographically signed JSON data
 https://datatracker.ietf.org/doc/html/rfc7519
 
+https://jwt.io/beta
+    jwtv2
+    https://github.com/jsonwebtoken/jsonwebtoken.github.io/issues/723
+
+https://jwt.io/beta/libraries?filter=java
+
 2023
 https://habr.com/ru/companies/doubletapp/articles/764424/
 2022
diff --git a/security/server/keycloak/features/token-endpoint.txt b/security/server/keycloak/features/token-endpoint.txt
new file mode 100644
index 000000000..391ec3075
--- /dev/null
+++ b/security/server/keycloak/features/token-endpoint.txt
@@ -0,0 +1,26 @@
+KC -> authorization-code -> browser
+    grant_type=authorization_code
+browser exchanges it for
+    - id token
+    - access/refresh token
+rest api
+    retrieve pub-keys (to verify access tokens)
+    https://developers.redhat.com/blog/2020/01/29/api-login-and-jwt-token-generation-using-keycloak
+        client -> auth flow overrides
+            Settings -> Capability Config
+                Client Authentication -> On
+                Authentication flow -> Direct Access Grants
+                credentials tab
+                    Client Authenticator -> Client Id and Secret
+            Advanced -> Authentication flow Overrides
+                Direct Grant Flow -> Direct Grant
+    https://developers.redhat.com/blog/authentication-and-authorization-using-the-keycloak-rest-api
+        https://github.com/edwin/java-keycloak-integration/blob/master/src/main/resources/application.properties
+        https://github.com/edwin/java-keycloak-integration/blob/master/src/main/java/com/edw/service/KeycloakRestService.java
+        token endpoint
+            username=
+            password=
+            grant_type=password
+            client_id=?
+            client_secret=?
+            scope="openid, profile"
diff --git a/pl/java/libfws/spring/security/oauth/oauth2/server/keycloak.txt b/security/server/keycloak/keycloak.txt
similarity index 100%
rename from pl/java/libfws/spring/security/oauth/oauth2/server/keycloak.txt
rename to security/server/keycloak/keycloak.txt