Info of access JWT

[pafavero]

This is my working configuration in Apache with module the module mod_auth_openidc to secure a resource with Oauth and Keycloak:

OIDCOAuthClientID <CLIENTID>
OIDCOAuthClientSecret <CLIENT_SECRET>
OIDCOAuthIntrospectionEndpoint <KEYCLOAK_ADDRES>/realms/<REALM_NAME>/protocol/openid-connect/token/introspect
OIDCOAuthIntrospectionEndpointParams token_type_hint=access_token   

<Location />
  AuthType oauth20
  Require valid-user
</Location>

It works but the module mod_auth_openidc is currently deprecated for Oauth20.
So I have tried to do the same with the new module mod_oauth and this is the configuration which I tested:

LoadModule oauth2_module modules/mod_oauth2.so
<Location />
  AuthType oauth2
  OAuth2AcceptTokenIn environment name=access_token,roles
  OAuth2TargetPass envvars=On&headers=On&oauth2_claim=access_token,roles
  OAuth2TokenVerify introspect <KEYCLOAK_ADDRES>/realms/<REALM_NAME>/protocol/openid-connect/token/introspect introspect.ssl_verify=false&client_secret_post&client_id=<CLIENT_id>&client_secret=<CLIENT_SECRET>
</Location>
</VirtualHost>

It is still working but I need to access user info of access JWT, for example:

{
  "preferred_username": "peter1",
  "roles": [
    "realm_role_1",
    "realm_role_2"
  ]
}

This information is no longer available in the environment variables. Should OAUTH2_CLAIM_access_token be the exact token as received or should OAUTH2_CLAIM_preferred_username be the user's name?
Any help?