I have configured my keycloak behind a reverse proxy server and managed to set the proper frontend url for the realm. The configuration is as follows:
https://public_kc_url/auth (this url is used within the realms settings / Frontend URL)
------> reverse proxy to server localhost:58000
Within my realm I have created a client, which is deployed on another server and I am using the authorization code flow (e.g. https://clienturl/app). The redirect urls for this client are set to absolute urls (e.g. https://clienturl/app/afterlogin).
The problem is, that the client application is redirected to keycloaks login page. After an successfull login attempt (the authentication is successfull), the keycloak server does not use the correct redirect urls, but calls itself with https://public_kc_url/app/afterlogin.
So basically, it uses the base frontend url of the realm and anything else from the clients relative redirect url…
My keycloak version is 11.0.2.