Getting started problems


Im trying to get KeyCloak 11.0.2 working with a ASPnet Core test project.

KeyCloak 11.0.2 is running in a Docker container and the ASPnet is running from Visual Studio 2019 on my Windows 10 box

My understanding is that The consumer of the ASPNET Core WebAPI needs to get a token from keycloak 11.0.2 and then provide this to the ASPNET WebAPI to consume the webmethod(api/values).

If I try to visit the [localhost]:5001/api/values it will redirect me to [localhost]:5001/signin-oidc where it displays this exception :

OpenIdConnectProtocolException: Message contains error: 'invalid_request', error_description: 'Invalid scopes: openid profile email claims', error_uri: 'error_uri is null'.

I can also see this in the keycloak consol :

20:45:46,776 ERROR [] (default task-13) KC-SERVICES0093: Invalid parameter value for: scope

20:45:46,776 WARN [] (default task-13) type=LOGIN_ERROR, realmId=master, clientId=aspnetcore-keycloak, userId=null, ipAddress=x, error=invalid_request, response_type=code, redirect_uri=[localhost]:5001/signin-oidc, response_mode=form_post

I suspect that the problem is that Im not providing a access token to the webapi, the webapi will ask keycloak if it is valid, keycloak writes the error in its console and the webapi try to redirect me to a sign in page, right?

To get this working I first need to get a token from keycloak that is provided to the webapi. The question is how to do this?

I got Postman where I have created a request(GET) to [localhost]:5001/api/values. I have looked under Authorization > OAuth 2.0 > Get new Access Token but Im not sure what values I should add here got get the GET request to work.

Could you pleas help?