keycloak

问题 I'm building an angular application secured with keycloak 10.0.2, i've deployed it in a server, and when i try to access it i can't reach Keycloak login page, here is my configuration keycloak: { keycloakUrl: 'http://servername:8085/auth', realm: 'app', clientId: 'myapp', redirectUri: 'http://servername:8083/myapp' } Should i put http://localhost:8085/auth or http://servername:8085/auth , or should i change localhost in keycloak to the servername, since keycloak is pre configured to localhost

问题 I want to create a new user in keycloak using postman. I get a token running https://xxxxxx/auth/realms/MyRealm/protocol/openid-connect/token header: Content-Type:application/x-www-form-urlencoded body: grant_type:password client_id:admin-cli client_secret:asdf-asdf-asdf-asdf-asdf username:testuser1 password:1234 If I then try to create a new user I get a 404 or 401 depending on the address. 404: https://xxxxxx/auth/realms/MyRealm/users 401: https://xxxxxx/auth/admin/realms/MyRealm/users

问题 I am trying to open keycloak manage-account page using iframe into my application, but I'm getting an error. Browser log Below is keycloak configuration NOTE: Working in firefox, but not in Chrome 回答1: In chrome, it is not working due to the SameSite setting in the chrome browser. To enable the working for the above problem you just need to follow the below steps and your problem gets resolved. Go to chrome://flags/ Search for Samesite Disable "SameSite by default cookies" flags. Relaunch 来源：

问题 I am trying to implement custom form action for user registration. I have added few custom fields on the form and I wish to validate those fields. After going through the keycloak documentation, I realised that I need to Extend FormAction, FormActionFactory Package the actionfactory in META-INF/services/org.keycloak.authentication.FormActionFactory Deploy the JAR in keycloak/standalone/deployments folder. I have done all the steps and verified that the provider is getting loaded. Here is the

问题 I am trying to implement custom form action for user registration. I have added few custom fields on the form and I wish to validate those fields. After going through the keycloak documentation, I realised that I need to Extend FormAction, FormActionFactory Package the actionfactory in META-INF/services/org.keycloak.authentication.FormActionFactory Deploy the JAR in keycloak/standalone/deployments folder. I have done all the steps and verified that the provider is getting loaded. Here is the

问题 I am using keycloak to secure my rest service and I am able to get the token , but when I am using this token for to get my rest service response, getting following error: HTTP/1.1 401 Unauthorized Cache-Control: no-cache, no-store, must-revalidate, private X-Powered-By: Undertow/1 X-XSS-Protection: 1; mode=block Server: WildFly/11 X-Frame-Options: SAMEORIGIN Date: Wed, 30 Jan 2019 07:42:45 GMT Connection: keep-alive WWW-Authenticate: Bearer realm="demorealm", error="invalid_token", error

问题 I'm trying to run Keycloak from a Docker image available on: Docker Hub here. If I run my container using the command: docker run -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=test -v /opt/mountedcertificate:/etc/x509/https -p 8443:8443 jboss/keycloak Setting the volume according to the instruction from previously mentioned website for this image: Setting up TLS(SSL) Keycloak image allows you to specify both a private key and a certificate for serving HTTPS. In that case you need to provide two

问题 I have referred a sample hello-world flask app integrated with key-cloak login from https://gist.github.com/thomasdarimont/145dc9aa857b831ff2eff221b79d179a My client-secrets.json is as follows: { "web": { "issuer": "https://keycloak-keycloak.router.default.svc.cluster.local.167.254.224.26.nip.io/auth/realms/myrealm", "auth_uri": "https://keycloak-keycloak.router.default.svc.cluster.local.167.254.224.26.nip.io/auth/realms/myrealm/protocol/openid-connect/auth", "client_id": "myclient", "client

问题 I need to be able to do the following (with plain cURL & JSON server-side- no frameworks or Java): Use a string representation of a Keycloak access token I have been given by a 3rd party to verify that the token is valid. If the token is valid, get the Keycloak ID for that user. How do I do this using plain old HTTP posts? I've found lots of Java examples but I need to know the raw HTTP POSTs and responses underneath. Is it something like this to validate the token? /auth/realms/<realm>

问题 I need to be able to do the following (with plain cURL & JSON server-side- no frameworks or Java): Use a string representation of a Keycloak access token I have been given by a 3rd party to verify that the token is valid. If the token is valid, get the Keycloak ID for that user. How do I do this using plain old HTTP posts? I've found lots of Java examples but I need to know the raw HTTP POSTs and responses underneath. Is it something like this to validate the token? /auth/realms/<realm>