First of all sorry if this is a duplicate question, I did some google search but can not find anything similar.
We are using Keycloak 12.0.1 for development, and the web origins is not working some time both in local and gke clusters.
So I am wondering if anyone has encounter this? And if there is a solution?
How did you prove that the web origins are not stable? How do you know that’s a problem of the Keycloak and not used infrastructure?
Thanks for your reply. We did add our front end to the client’s web origins but the CORS policy blocks front end request randomly.
In most time redeployment could make it work. But I hope there is a better solution.
Not sure what kind of prove is expected? Or what’s the best way to verify my assumption?
Pls, prove that’s “randomly”. Shows that the same preflight request is giving you different response in the time. Easy task for curl.
I have solid experience that SPA devs don’t understand how CORS works for OIDC and have unrealistic expectations (e.g. auth endpoint must work with XHR, because token endpoint works as well, ‘*’ in web origins allows everything, because it’s regexp and not literal, it will be working on
localhost, wrong flows). I’m “sick” of those wrong expectations - I have created repo with basic hints GitHub - jangaraj/keycloak-cors-issue-debugging: Recommendations how to solve/debug CORS issues, when Keycloak IDP is used
Thanks so much for your time and sorry for the bother, I will read your hints.
It doesn’t mean I’m 100% right. You just still didn’t prove your claim “web origins are not stable”. It’s very vague error description, so you need to support that. CORS issue indicates very likely problem with client configuration or with your code (and you didn’t show those, so there is nothing what can be pointed as a problem).