Completely disable landing page at /auth

rscott · November 18, 2020, 8:42pm

Because there’s no reason to render a welcome page in a production environment, we don’t want KeyCloak to render the welcome page at /auth. We’d like it to return a 404 instead. Is this possible?

jonytricon · November 25, 2020, 12:29pm

I am also facing the same problem.
Did you get any answer to this?

R4nmaru · November 27, 2020, 9:05am

I dont know if there is a better solution.
But my suggestion would be to create a custom welcome theme that will give out this error.

martinleim · December 28, 2020, 1:44pm

Do you use a reverse proxy in front of Keycloak?

If yes, you could configure it to prevent access to /auth, except for some well-known endpoints like ^/auth/realms/(.*)/protocol/openid-connect or ^/auth/realms/(.*)/login-actions. You could even control access based on the source IP, e.g. to allow access from the local host or a whitelist of adresses only.

ayoub96anbara · November 17, 2021, 9:26pm

Did you find any solution to this?

weltonrodrigo · November 22, 2021, 9:55pm

You can use a custom cli script. Take a look at this:

UPDATE:

Create a file called disable_welcome.cli containing:

/subsystem=undertow/server=default-server/host=default-host/location=\/:remove

This is how to instruct keycloak docker container to run the script at startup keycloak-containers/README.md at main · keycloak/keycloak-containers · GitHub

PeterSilva · December 30, 2021, 11:21pm

alternatively you can edit index.ftl ( keycloak-x.x.x/themes/keycloak/welcome )

and have you /auth page stripped to bare minimum

rmoqpd5t · January 8, 2022, 1:57am

Or, what about something like…

<html>
<head>
    <meta http-equiv="refresh" content="0; url=https://www.example.com/" />
    <meta name="robots" content="noindex, nofollow">
    <script type="text/javascript">
        window.location.href = "https://www.example.com/"
    </script>
</head>
<body>
    If you are not redirected automatically, follow this <a href='https://www.example.com/'>link</a>.
</body>
</html>

in keycloak/welcome-content/index.html ?

QuadStingray · March 11, 2022, 9:57am

Hi,

my solution is to override /opt/jboss/keycloak/themes/keycloak/welcome/index.ftl with following content.

<html>
<head>
    <meta http-equiv="refresh" content="0; url=${adminUrl}" />
    <meta name="robots" content="noindex, nofollow">
    <script type="text/javascript">
        window.location.href = "${adminUrl}"
    </script>
</head>
<body>
If you are not redirected automatically, follow this <a href='${adminUrl}'>link</a>.
</body>
</html>