Hi, hope you can help me! I have an Angular application where users are organised in multiple realms. It works fine when I use a sub-domain to map the user to a realm, ie, users accessing the app using realmx.app.com are authenticated against realmx. But I need to make it work without the sub-domain so that all users initially authenticate against a common realm and the authentication flow asks for the userid, determines which realm to authenticate against and redirects to the correct realm if needed. This seems to work but after the other realm authentication flow redirects to the app, this.keycloak.getKeycloakInstance().authenticated is always false, even when the user has been authenticated. I use the keycloak-angular package. Any ideas would be very welcome, chatgpt is running out of patience with me
This is the code in the custom authentication step:
if(userRealm.getName().equals(DEFAULT_REALM)) {
context.setUser(user);
context.success();
} else {
String baseUri = context.getUriInfo().getBaseUri().toString();
String redirectUri = "http://localhost:4200";
String redirectUrl = baseUri + "realms/" + userRealm.getName() + "/protocol/openid-connect/auth"
+ "?client_id=" + context.getAuthenticationSession().getClient().getClientId()
+ "&tab_id=" + context.getAuthenticationSession().getTabId()
+ "&redirect_uri=" + redirectUri
+ "&response_type=code"
+ "&scope=openid"
+ "&kc_idp_hint=" + userRealm.getName();
Response response = Response.status(Response.Status.FOUND).location(URI.create(redirectUrl)).build();
context.forceChallenge(response);
}
And this is the code in the app:
public async isAccessAllowed(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise {
let authenticated = this.keycloak.getKeycloakInstance().authenticated;
if (!authenticated) {
this.login(“/”);
}
Thank you!