Hello
I’m testing Keycloak standalone mode using the official Docker image.
I want to override the endpoint hostname in openid-configuration, but it’s not working so far.
Please give me some advice on how to achieve my intended change.
$ sudo docker image inspect jboss/keycloak | grep VERSION
"KEYCLOAK_VERSION=12.0.4",
"JDBC_POSTGRES_VERSION=42.2.5",
"JDBC_MYSQL_VERSION=8.0.22",
"JDBC_MARIADB_VERSION=2.5.4",
"JDBC_MSSQL_VERSION=8.2.2.jre11",
"KEYCLOAK_VERSION=12.0.4",
"JDBC_POSTGRES_VERSION=42.2.5",
"JDBC_MYSQL_VERSION=8.0.22",
"JDBC_MARIADB_VERSION=2.5.4",
"JDBC_MSSQL_VERSION=8.2.2.jre11",
$ sudo docker run --name keycloak -d \
-p 8081:8080 \
-p 8444:8443 \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=password \
-e KEYCLOAK_IMPORT=/tmp/demo_realm.json \
-v /home/username/keycloak/demo_realm.json:/tmp/demo_realm.json \
-v /home/username/keycloak/standalone_mod.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml \
jboss/keycloak
$ sudo docker exec keycloak cat /opt/jboss/keycloak/standalone/configuration/standalone.xml
<spi name="hostname">
<default-provider>${keycloak.hostname.provider:default}</default-provider>
<provider name="default" enabled="true">
<properties>
<property name="frontendUrl" value="https://sso.example.com"/>
<property name="forceBackendUrlToFrontendUrl" value="true"/>
</properties>
</provider>
<provider name="fixed" enabled="true">
<properties>
<property name="hostname" value="${keycloak.hostname.fixed.hostname:localhost}"/>
<property name="httpPort" value="${keycloak.hostname.fixed.httpPort:-1}"/>
<property name="httpsPort" value="${keycloak.hostname.fixed.httpsPort:-1}"/>
<property name="alwaysHttps" value="${keycloak.hostname.fixed.alwaysHttps:false}"/>
</properties>
</provider>
</spi>
$ curl https://sso.example.com/auth/realms/demo/.well-known/openid-configuration | jq
{
"issuer": "http://192.168.0.100:8081/auth/realms/home",
"authorization_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/auth",
"token_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/token",
"introspection_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/token/introspect",
"userinfo_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/userinfo",
"end_session_endpoint": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/logout",
"jwks_uri": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/certs",
"check_session_iframe": "http://192.168.0.100:8081/auth/realms/demo/protocol/openid-connect/login-status-iframe.html",
"grant_types_supported": [
"authorization_code",
"implicit",
"refresh_token",
"password",
"client_credentials"
],
best regards.