Keycloak authentication fails when initiating call with www prefix

Our web application uses Keycloak 11.0.2 with the appropriate java script adapter. Keycloak and the web application are deployed as single instance in a k8s environment using the kong ingress controller (and api gateway).

Everything works fine when a browser hits the platform url A user can self register, login to the target application etc. via Keycloak.

However, when “www” is prefixed in the URL (https:// www, submitting the credentials on the Keycloak login form leads to the following error.

We are sorry… An error occurred, please login again through your application

The corresponding error log in the Keycloak console is:

18:05:21,330 WARN  [] (default task-20) type=LOGIN_ERROR, realmId=myrealm, clientId=null, userId=null,, error=invalid_code

The “valid redirect urls” have been set to

The Keycloak adapter is configured to use relative paths by skipping the “url” parameter

class KeycloakConfig implements Keycloak.KeycloakConfig {
  clientId: string = 'myclient';
  realm: string = 'myrealm';
  url: string = '/auth';

I tried different browsers on macOs and iOS without success.

What do I miss here?

Thank you!

I fixed it with a workaround in the API gateway redirecting the… request to https://my