We started using Keycloak 17.0.1 version and recently updated to 19.0.1. Now we are having a lot of this error in Keycloak container logs. Is that just noise or something mandatory missing in configuration?
Same problem. I created a brand-new realm âtestâ and then exported both that as well as my existing realm that had come thru the upgrade from older version and was emitting the error. In the old realm, but NOT the new âtestâ realm, I see the following:
"acr.loa.map": "[]"
In the attributes object at the top level. Complete diff:
Hi,
working on an elytron-examples OIDC-WITH-BARRIER as a beginner, no samples works with this error.
I investigate a bit and found that in 19.0.2 there is no more /auth/ at the entry points of keycloak services.
To make samples work, i patched the oidc.json de /src/main/web-app/, changing
âprovider-urlâ : â${env.OIDC_PROVIDER_URL:http://localhost:8080}/auth/realms/myrealmâ by
âprovider-urlâ : â${env.OIDC_PROVIDER_URL:http://localhost:8080}/realms/myrealmâ.
and it works.
Later, i try some other samples designed with node.js : same problem. I can patch the frontend by removing /auth/ in this app.js:
// var KC_URL = process.env.KC_URL || "http://localhost:8080/auth";
var KC_URL = process.env.KC_URL || "http://localhost:8080"
This patch allows app to find the following localhost:8080/js/keycloak.js
But for the OIDC entry point, this file contains the same wrong /auth :
kc.endpoints = {
authorize: function() {
return getRealmUrl() + '/protocol/openid-connect/auth';
```.
At now, i have not found how to patch that.
I think it will be better to restore */auth* in >19 if this is a mistake. Otherwise, patch and patch...
HTH
I personally fixed this warning by editing each Realm settings.
In Admin console, open the Realm Settings (under Configure section in the left pane) and in the first General tab, locate the âACR to LoA Mappingâ setting. Put any valid key/value pair (ex: key=ABC, value=5) then save, remove the k/v just entered and save again. Repeat the same process for each realm, and the error is gone.
Adding a valid key/value and removing it force keycloak to set âacr.loa.mapâ to an empty object instead of an empty list.