How to modify endpoint hostname (Keycloak on docker)

Configuring the server
1

Hello

I’m testing Keycloak standalone mode using the official Docker image.
I want to override the endpoint hostname in openid-configuration, but it’s not working so far.
Please give me some advice on how to achieve my intended change.

$ sudo docker image inspect jboss/keycloak | grep VERSION
                "KEYCLOAK_VERSION=12.0.4",
                "JDBC_POSTGRES_VERSION=42.2.5",
                "JDBC_MYSQL_VERSION=8.0.22",
                "JDBC_MARIADB_VERSION=2.5.4",
                "JDBC_MSSQL_VERSION=8.2.2.jre11",
                "KEYCLOAK_VERSION=12.0.4",
                "JDBC_POSTGRES_VERSION=42.2.5",
                "JDBC_MYSQL_VERSION=8.0.22",
                "JDBC_MARIADB_VERSION=2.5.4",
                "JDBC_MSSQL_VERSION=8.2.2.jre11",

$ sudo docker run --name keycloak -d \
  -p 8081:8080 \
  -p 8444:8443 \
  -e KEYCLOAK_USER=admin \
  -e KEYCLOAK_PASSWORD=password \
  -e KEYCLOAK_IMPORT=/tmp/demo_realm.json \
  -v /home/username/keycloak/demo_realm.json:/tmp/demo_realm.json \
  -v /home/username/keycloak/standalone_mod.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml \
  jboss/keycloak

$ sudo docker exec keycloak cat /opt/jboss/keycloak/standalone/configuration/standalone.xml
            <spi name="hostname">
                <default-provider>${keycloak.hostname.provider:default}</default-provider>
                <provider name="default" enabled="true">
                    <properties>
                        <property name="frontendUrl" value="https://sso.example.com"/>
                        <property name="forceBackendUrlToFrontendUrl" value="true"/>
                    </properties>
                </provider>
                <provider name="fixed" enabled="true">
                    <properties>
                        <property name="hostname" value="${keycloak.hostname.fixed.hostname:localhost}"/>
                        <property name="httpPort" value="${keycloak.hostname.fixed.httpPort:-1}"/>
                        <property name="httpsPort" value="${keycloak.hostname.fixed.httpsPort:-1}"/>
                        <property name="alwaysHttps" value="${keycloak.hostname.fixed.alwaysHttps:false}"/>
                    </properties>
                </provider>
            </spi>


$ curl https://sso.example.com/auth/realms/demo/.well-known/openid-configuration | jq
{
  "issuer": "http://192.168.0.100:8081/auth/realms/home",
  "authorization_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/auth",
  "token_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/token",
  "introspection_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/token/introspect",
  "userinfo_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/userinfo",
  "end_session_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/logout",
  "jwks_uri": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/certs",
  "check_session_iframe": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/login-status-iframe.html",
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "refresh_token",
    "password",
    "client_credentials"
  ],

best regards.

2 
 docker run --name keycloak -d \
  -p 443:8443 \
  -e KEYCLOAK_USER=admin \
  -e KEYCLOAK_PASSWORD=password \
 -e KEYCLOAK_FRONTEND_URL=https://auth.test \
  jboss/keycloak:12.0.3

curl https://auth.test/auth/realms/master/.well-known/openid-configuration -k |jq

“issuer”: “https://auth.test/realms/master”,
“authorization_endpoint”: “https://auth.test/realms/master/protocol/openid-connect/auth”,
“token_endpoint”: “https://auth.test/realms/master/protocol/openid-connect/token”,
“introspection_endpoint”: “https://auth.test/realms/master/protocol/openid-connect/token/introspect”,
“userinfo_endpoint”: “https://auth.test/realms/master/protocol/openid-connect/userinfo”,
“end_session_endpoint”: “https://auth.test/realms/master/protocol/openid-connect/logout”,
“jwks_uri”: “https://auth.test/realms/master/protocol/openid-connect/certs”,

1 Like