docs update

docs/config.md

@@ -87,7 +87,19 @@ Then create a new user and grant admin privileges inside the same realm to be ab
     url = "http://localhost:8080/auth/realms/apim/protocol/openid-connect/certs"
     ```
 
-4. Comment out the grant types which are not supported by Keycloak by commenting out the ones other than `implicit`, `authorization_code`, `client_credentials`, `password` under the `SupportedGrantTypes` section in the `identity.xml` file which can be found under `<APIM_HOME>/repository/conf/identity` directory. This is made because other grant types or not supported by the Keycloak.
+4. Add the following configurations in the `deployment.toml` of the API Manager server to disable the grant types which are not supported by Keycloak by other than `implicit`, `authorization_code`, `client_credentials`, `password`
+
+    ```toml
+    # following configurations are to disable the grant_types
+    [oauth.grant_type.uma_ticket]
+    enable = false
+    [oauth.grant_type.jwt_bearer]
+    enable = false
+    [oauth.grant_type.iwa_ntlm]
+    enable = false
+    [oauth.grant_type.saml_bearer]
+    enable = false
+    ```
 
 ### Step 3: Run the sample
 
@@ -114,7 +126,7 @@ You have connected WSO2 API Manager with a third-party Keycloak IAM server. Let'
 
     | Element | Description |
     | ------------- |-------------|
-    | Application Grant Types (Mandatory) | Select the grant types for the application. |
+    | Application Grant Types (Mandatory) | Select the grant types for the application. Applicable Grant Types are: [`Authorization Code`, `Implicit`, `Client Credentials`, `Password`] |
     | Callback URL (Optional) | Redirection URI string for use in redirect-based flows. E.g., [http://google.lk/](http://google.lk/) |
 
 5. **Validate tokens by subscribing to the Keycloak client :**