Reputation: 12445
keycloak dynamic client registration registration_client_uri docker hostname override
I have successfully created a client inside Keycloak using Dynamic Client Registration
The response body contains:
"registration_client_uri":"https://127.0.0.1:8443/auth/realms...",
This is because Keycloak is installed with Docker, and is fronted by NginX. I want to replace the IP address/port with the actual public hostname.
Where are the docs / configurations for this?
I started keycloak as follows:
docker run -itd --name keycloak \
--restart unless-stopped \
--env-file keycloak.env \
-p 127.0.0.1:8443:8443 \
--network keycloak \
jboss/keycloak:11.0.0 \
-Dkeycloak.profile=preview
And inside keycloak.env, I have set KEYCLOAK_HOSTNAME=example.com
Upvotes: 4
Views: 426
Answers (1)
Reputation: 28646
Configure env variable PROXY_ADDRESS_FORWARDING=true, because Keycloak is running behind Nginx reverse proxy - https://hub.docker.com/r/jboss/keycloak/
Enabling proxy address forwarding
When running Keycloak behind a proxy, you will need to enable proxy address forwarding.
docker run -e PROXY_ADDRESS_FORWARDING=true jboss/keycloak
Upvotes: 2
Related Questions
- Configure reverse-proxy for Keycloak docker with custom base URL
- Keycloak in Docker with proxy such as nginx using non-standard ports
- Keycloak NullPointerException in DefaultHostnameProvider when authenticating
- How to configure multiple keycloak instances on nginx
- Keycloak returns 'Invalid parameter: redirect_uri'
- Keycloak and Docker - Cannot set two types of URLs
- Nginx reverse proxy for keycloak
- openresty with keycloak in docker, exposing host url as discovery
- Keycloak docker HTTPS-REQUIRED with nginx ssl
- How to get nginx to handle https for keycloak