Client application are facing “Invalid CORS Request” issue after Keycloak version 11.0.1 updates. Reason identified for the error is request header includes Origin: null in redirect request header from Keycloak /saml/SSO . Wrong value for request header from Keycloak end does not allow user to redirect successfully after post authentication step. In earlier Keycloak version 9.0.0 version request header value for Origin: that matches with client application CORS configuration and user was able to redirect successfully.
Please update. its urgent
I am also encountering this problem, does anyone have any suggestions or ideas?
We’ve found that downgrading to 11.0.2 fixes this issue. What changed between 11.0.2 and 11.0.3?