As per documentation Keycloak gatekeeper supports bearer token for authentication. After deployment https://hub.helm.sh/charts/gabibbo97/keycloak-gatekeeper it seems that only browser cookie works. But in tcpdump from upstream application I can see x-auth-token details which are not visible in browser.
Please elaborate how can I use Bearer token(not cookie) in order to authentication as client e.g. using curl curl -v http://$INGRESS_HOST --header "Authorization: Bearer $TOKEN"
Curl provides keycloak login page instead of demo application page. I’m confused here
Also by meaning disable symetric token encryption I understand you are asking to change Client Authenticator in Keycloak from Client ID and Secret to Signed JWT or X509.
The probelm with changing symetric authentication type is that I didn’t find any documentation reference how to use Signed JWT in Keycloak Gatekeeperhttps://hub.helm.sh/charts/gabibbo97/keycloak-gatekeeper
I can see some reference in keycloak gatekeeper for JWKS in oauth_test.go and e2e_test.go files, but not sure this could be used in configuration somehow.
Here are my another questions posted related to how Signed JWT in Keycloak, in simply world, when I change Client Authenticator in Keycloak to Signed JWT I receive 403 error from browser after login via keycloak gatekeeper. Probably because keycloak gatekeeper is configured with client id and secret
I wonder if there is any guide or at least reference how to use JWKS URL in Keycloak , specially with keycloak gatekeeper