Hi, I’d like to provide my app an endpoint, where a user can change his own account information using his own JWT. So I created a hardcoded role mapping containing the “manage-account” role in the apps client.
So now I can go to https:/INSTANCE/auth/realms/REALM/account/ and get/post userdetails with their JWT, quite nice so far!
Now, the point where I am struggling is, I am using Hasura (GraphQL Engine), which takes graphql mutation/queries and does rest requests, where configured.
I am using this method and, as it seems, hasura adds an “X-Forwarded-Host” header, pointing to itself. I found out, that using the keycloaks domain everything works fine. But using another domain throws an 401 Unauthorized.
Can someone help me?