Hey Everyone,
I am hoping someone could help with an issue I am facing. I am try to use API to create a new Authentication flows to our realms. I want to the API to do this but I keep getting 403 Forbidden error when trying to POST. I am using Postman to do this. It works fine when I create a new flow in our dev environment because I am using the API: http://127.0.0.1:8180/auth/admin/realms/heroes/authentication/flows (example) and I am using Basic Auth with our Admin account to generate the token. When I put in the API for our case, I am able to add a new Flow to the Realm. Works great!
However, when I go into Prod and use the API: https://{Keycloak url]/auth/admin/REALM/authentication/flows while using Basic auth and the admin account, I get the 403 forbidden error. Mind you when I POST to get the Access Token (in Prod), I am able to generate a token but as soon as I try to POST to create a new flow, I get the forbidden error.
Does it have anything to do with http vs https? I confirmed by admin role has “realm-admin”. I know that the call is correct but is something being blocked on the server side, possibly? Or is their a setting I am missing somewhere?
Any help would be greatly appreciated.