Hello everyone,
I already configure my keycloak to use security headers in REALM, it’s ok, but the headers only show to me on /auth request, in the root URL it’s dont showing. If i use a site to validate HSTS(HTTP Strict Transport Security Header Testing Tool) and put my site http://d-auth.portaldedocumentos.com.br/ the site dont find the header, but if i go on chrome and press f12 i can see the HSTS header… Can anyone help me to allow HSTS on root URL?