Keycloak + NGINX virtual hosts

I’m trying to setup keycloak in front of multiple virtual hosts

web: gateway_ip
app1: gateway_ip:8100
app2: gateway_ip:8200

I’ve done it with success for web host, it displays the keycloak login form, I submit my credentials and I’m redirected to the web page. I’ve tried to apply the same config(different client id and secret) to other virtual hosts but without success(CSP errors and 403 )

nginx vhost conf example:

 server {
    listen 8200;
    server_name x.x.x;
    location / {

access_by_lua '
       local opts = {
         redirect_uri = "/redirect_uri",
         accept_none_alg = true,
         discovery = "http://keycloak_host:8181/auth/realms/pantagruel/.well-known/openid-configuration",
         client_id = "test2",
         client_secret = "abc",
         redirect_uri_scheme = "http",
         logout_path = "/logout",
         redirect_after_logout_uri = "http://keycloak_host:8181/auth/realms/pantagruel/protocol/openid-connect/logout?redirect_uri=http://x.x.x/",
         redirect_after_logout_with_id_token_hint = false,
         session_contents = {id_token=true}
       -- call introspect for OAuth 2.0 Bearer Access Token validation
       local res, err = require("resty.openidc").authenticate(opts)
       if err then
         ngx.status = 403

    proxy_pass http://internal_ip(x.x.x):8200;
    proxy_redirect     default;
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header   X-Real-IP         $remote_addr;
    proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host:$server_port;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_max_temp_file_size 0;

keycloak config
enter image description here