First make sure you are using the right realm.

Then, enable the service account role for your client in the Keycloak client settings.

POST http://<KEYCLOAK_URL>/realms/<YOUR_REALM>/protocol/openid-connect/token?grant_type=client_credentials&client_id=<YOUR_CLIENT_ID>&client_secret=<CLIENT_SECRET>

You should not need the username and password.