Reputation: 349
How to fix cors error at my keycloak to make it work?
I try to reach this keycloak endpoint: http://10.10.10.10:8999/auth/realms/demo-realm/protocol/openid-connect/token
I add the client_secret, grant_type and client_id. Then when I send the request from my frontend app, I get back this error:
Access to XMLHttpRequest at 'http://10.10.10.10:8999/auth/realms/demo-realm/protocol/openid-connect/token' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
My keycloak setup is the following:
-confidential client
-valid redirect URIs: *
-web origins: + or * (tried both)
Also tried to set valid uris to http://localhost:4200 and web origins + or add the http://localhost:4200 to web origins.
It's important that the client have to be confidential or the access_token won't contain a resource-id when I try to use it...
Thanks in advance
Upvotes: 1
Views: 11824
Answers (2)
Reputation: 669
On keycloak client setup, add http://localhost:4200/* as valid redirect URI. In web origins a + is the best choice.
If you are using Java adapter, also set enable-cors tor true (see https://www.keycloak.org/docs/latest/securing_apps/index.html#_java_adapter_config)
Upvotes: 2
Related Questions
- How to configure KeyCloak for CORS?
- Keycloak CORS issue when being redirected to login
- How to setup the CORS configuration in keycloak to allow an ajax request?
- keycloak-angular: Blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
- Keycloak: No 'Access-Control-Allow-Origin' header is present on the requested resource
- Keycloak login from rest api has been blocked by CORS
- Keycloak authentication blocked by CORS
- Keycloak returns CORS Access-Control-Allow-Origin error
- Keycloak-angular: access /account fails with 403 error and CORS message
- No 'Access-Control-Allow-Origin' header is present on the requested resource in keycloak