I’m trying to run keycloak and gatekeeper within the same kubernetes cluster, and I’m a little confused as to how to configure the redirects and discovery.
I have the following configuration:
discovery-url: http://keycloak-http.default.svc.cluster.local/auth/realms/myrealm
redirection-url: https://example.com # the actual site? or should this be the sidecar
upstream-url: http://127.0.0.0:3000 # sidecar
client-id: myclient-dev
listen: 0.0.0.0:5000
headers:
  X-Forwarded-Host: keycloak.example.com
  X-Forwarded-Proto: https
So basically, I’m trying to grab the openid configuration from the internal kubernetes service. What ends up happening, however, is when gatekeeper tries to create a new session, it redirects to that internal service URL. This is why I used the X-Forwarded-* headers in an attempt to resolve to the proper keycloak URL.
Any help would be appreciated!
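The symptom described above can be confirmed by inspecting the endpoints advertised in the discovery document that the discovery-url returns. The following is an added example, not part of the original post: it audits an OpenID Connect discovery document for browser-facing endpoints that point at cluster-internal hosts. The sample document is constructed, and the function names `is_cluster_internal` and `audit_discovery` are hypothetical.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: the kind of discovery document returned when it is
# requested through the cluster-internal service name (not captured output).
_BASE = "http://keycloak-http.default.svc.cluster.local/auth/realms/myrealm"
SAMPLE_DISCOVERY = json.dumps({
    "issuer": _BASE,
    "authorization_endpoint": _BASE + "/protocol/openid-connect/auth",
    "token_endpoint": _BASE + "/protocol/openid-connect/token",
    "jwks_uri": _BASE + "/protocol/openid-connect/certs",
})

# Endpoints the user's browser is redirected to; they must resolve from outside.
BROWSER_FACING = ("authorization_endpoint", "end_session_endpoint")


def is_cluster_internal(host):
    """True for Kubernetes service DNS names and bare single-label hosts."""
    host = (host or "").lower().rstrip(".")
    return host.endswith((".svc", ".cluster.local")) or "." not in host


def audit_discovery(raw_json, expected_host, expected_scheme="https"):
    """Return (field, url, reason) findings for a discovery document."""
    doc = json.loads(raw_json)
    findings = []
    # The issuer is checked too, because it ends up in the tokens' iss claim.
    for field in ("issuer",) + BROWSER_FACING:
        url = doc.get(field)
        if url is None:
            continue  # optional field not advertised
        parts = urlsplit(url)
        if is_cluster_internal(parts.hostname):
            findings.append((field, url, "cluster-internal host"))
        elif parts.hostname != expected_host:
            findings.append((field, url, "unexpected host"))
        elif parts.scheme != expected_scheme:
            findings.append((field, url, "unexpected scheme"))
    return findings


if __name__ == "__main__":
    for field, url, reason in audit_discovery(SAMPLE_DISCOVERY, "keycloak.example.com"):
        print(f"{field}: {reason}: {url}")
```

Back-channel endpoints such as `token_endpoint` and `jwks_uri` are deliberately not flagged, since the proxy calls them from inside the cluster.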