Java OIDC adapter logs out via frontend URL instead of auth-server-url

jens1 · August 23, 2021, 3:59pm

Hello,

I have a JavaEE application secured with Keycloak’s official OIDC adapter. Because both the application and Keycloak run as docker containers on the same server, I have set up the hostname provider with a frontend URL for end users different from the URL configured for backend-to-Keycloak requests (see Documentation).

This works fine, except when the user logs out via HttpServletRequest.logout(). With this action, the adapter (= the backend) performs a POST request to the end_session_endpoint in the OIDC config hosted at <my_keycloak_server>/auth/realms/<my_realm>/.well-known/openid-configuration, which is the frontend URL.

Is there any way to override this?

Thanks

OLibutzki · March 25, 2022, 9:00am

Seems to be a duplicate of this question: Spring: adapter-core logout uses Frontend URL from backend · Discussion #10657 · keycloak/keycloak · GitHub

I’m interested in a solution as well.

Topic		Replies	Views
OIDC Identity Provider Logout - How does it work? Getting advice identity-brokering , oidc	1	2272	June 10, 2023
Oidc logout with post_logout_redirect_uri redirects to KeyCloak url Configuring the server client-configuration , oidc	1	4626	January 13, 2021
Logout at Spring Authorization Server doesn't terminate user session in Keycloak Getting advice authentication , identity-brokering , oidc	1	2385	December 13, 2022
External IDP not Logged Out Getting advice authentication , identity-brokering , oidc	3	1091	May 25, 2023
Securing react-native mobile app using api endpoints, not redirection Securing applications authentication , oidc	0	658	June 26, 2021

Java OIDC adapter logs out via frontend URL instead of auth-server-url

Related Topics