Completely disable landing page at /auth

Because there’s no reason to render a welcome page in a production environment, we don’t want KeyCloak to render the welcome page at /auth. We’d like it to return a 404 instead. Is this possible?

1 Like

I am also facing the same problem.
Did you get any answer to this?

I dont know if there is a better solution.
But my suggestion would be to create a custom welcome theme that will give out this error.

Do you use a reverse proxy in front of Keycloak?

If yes, you could configure it to prevent access to /auth, except for some well-known endpoints like ^/auth/realms/(.*)/protocol/openid-connect or ^/auth/realms/(.*)/login-actions. You could even control access based on the source IP, e.g. to allow access from the local host or a whitelist of adresses only.

Did you find any solution to this?

You can use a custom cli script. Take a look at this:

UPDATE:

Create a file called disable_welcome.cli containing:

/subsystem=undertow/server=default-server/host=default-host/location=\/:remove

This is how to instruct keycloak docker container to run the script at startup keycloak-containers/README.md at main · keycloak/keycloak-containers · GitHub

1 Like

alternatively you can edit index.ftl ( keycloak-x.x.x/themes/keycloak/welcome )

and have you /auth page stripped to bare minimum

Or, what about something like…

<html>
<head>
    <meta http-equiv="refresh" content="0; url=https://www.example.com/" />
    <meta name="robots" content="noindex, nofollow">
    <script type="text/javascript">
        window.location.href = "https://www.example.com/"
    </script>
</head>
<body>
    If you are not redirected automatically, follow this <a href='https://www.example.com/'>link</a>.
</body>
</html>

in keycloak/welcome-content/index.html ?

Hi,

my solution is to override /opt/jboss/keycloak/themes/keycloak/welcome/index.ftl with following content.

<html>
<head>
    <meta http-equiv="refresh" content="0; url=${adminUrl}" />
    <meta name="robots" content="noindex, nofollow">
    <script type="text/javascript">
        window.location.href = "${adminUrl}"
    </script>
</head>
<body>
If you are not redirected automatically, follow this <a href='${adminUrl}'>link</a>.
</body>
</html>