Hi! I have a simple NodeJS application which I’d like to protect with keycloak-connect, but everytime returns a 403 - Access Denied error.
I have done all the tutorials i’ve found (same code, same keycloack and node versions) and even try the example provided in the library but still get the same error.
This is my keycloak.json file:
{
"realm": "prueba",
"auth-server-url": "http://localhost:8080/auth/",
"ssl-required": "external",
"resource": "prueba",
"public-client": true,
"confidential-port": 0
}
My code:
var express = require("express");
var session = require("express-session");
var Keycloak = require("keycloak-connect");
var app = express();
app.use(session({
secret:'thisShouldBeLongAndSecret',
resave: false,
saveUninitialized: true
}));
var sessionStore = new session.MemoryStore();
var keycloak = new Keycloak({ store: sessionStore });
app.use(keycloak.middleware());
// public url
app.get("/", (req, res) => res.send("Welcome!!"));
// protected url
app.get("/hello", keycloak.protect(), (req, res) => res.send("Hello!!"));
app.listen(3000, function () {
console.log('Listening at http://localhost:3000');
});
When I navigate to http://localhost:3000/hello I get a 403 Access Denied and in console i get this
I really don’t know if I missed a step or any settings in Keycloak realms or client. I hope someone can help. Thank you!
You might try:
const memoryStore = new session.MemoryStore();
const mySession = session({
Are you able to Resolve this issue?
Has anyone resolved this issue yet?
Were you able to solve this problem, I have been experiencing the same.
Has anyone resolved this issue ? Getting the same Access Denied 403 error even after doing what @dmitchell suggested.
Please provide steps to reproduce the issue you mention. That’s the only way to get people to help you.
Things like:
Keycloak server version
Keycloak Node.js version
Realm configuration or how the client is configured
Publish the code on GitHub if possible
The more information you provide, more quickly you may get an answer.
1 Like
cric1
November 24, 2020, 3:06am
8
I too get the same error for the node adapter by following the keycloak documentation.
Keycloak version 11.0.0
Client is configured as openid protocol with bearer-only =true.
I have the same issue. Did anyone resolve this issue?
diegosm
December 8, 2020, 6:44pm
10
Guys I think I’m facing the same problem.
In my case, when I’m executing some commands like, create new realm, and after this, in sequence, I send another command like create roles at this new realm, I give access denied 403, it seems like the first command (create realm) sent me 201 status on keycloak API, but someway (I dont know why) the new realm isn’t ready properly.
If I send the create roles command before some time, it work correctly.
Does someone know how to solve it? I imagine that I could not run keycloak with high volume access.
Best regards,
if you’re still running into this issue, following the steps here fixed the issue for me :
