Http://localhost/auth/realms/myrealm/.well-known/openid-configuration

Setup two keycloaks. One running on port 8080 and the other on port 8081.
keycloak on 8080 will be my borker. Trying to import metat data with this URL that works with curl and in the browser, but in keycloak getting error 500:
http:/localhost/auth/realms/myreal/.well-known/openid-configuration

Is there some setting that must be made in keycloak (version 20)

ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-24) Uncaught server error: org.apache.http.conn.HttpHostConnectException: Connect to localhost:8081 [localhost/127.0.0.1] failed: Connection refused (Connection refused)

image1029×278 22.6 KB

I have noticed this problem only occurs if I have two separate keycloaks.
Discovery endpoint works ok if I create two seperate realms in keycloak, one for broker and one for IDP.
Sees to be a bug. The errors in the log are not meaningful to help diagnose

The issue is caused by CORS.

In docker-compose file at start-dev, I set for my dev instnace to allow cross origin for all origins

entrypoint: [“/opt/keycloak/bin/kc.sh”, “start-dev”, “-Djboss.http.cors.enabled=true”, “-Djboss.http.cors.allowed-origins=*”, “-Djboss.http.cors.allowed-methods=GET,POST,HEAD,OPTIONS,PUT,DELETE”, “-Djboss.http.cors.allowed-headers=Content-Type,Accept,Authorization,X-Requested-With”, “-Djboss.http.cors.exposed-headers=Content-Type” ]

In your screenshot you use https instead http.

Sorry, screen print was when I had setup keycloak with TLS (rightly so, misleading).
As part of the analysis to solve the issue, I removed TLS, thinking it to be the cause of the problem. But, I had the same error using http protocol. I finally got there, but the process was painful

As well as starting the container with the Java option in the JavaScript adaptor, I set checkLoginIframe: false when initializing as follows …

keycloak.init({ onload: ‘login-required’, flow: ‘implicit’, checkLoginIframe: false }).then(function(authenticated)