Hi all!
I tried to create .Net Core 3.1 Web API witch used Keycloak authorization. I want to implement next scenario:
- Browser send some request to api.
1*. If user isn’t authenticated, Api redirect to Keycloak login page. - Api check auth.
- Api send response.
But it doesn’t work(
Into step 2 I have System.Exception: Correlation failed.
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.
As far, as I understand, it’s part of openId witch protect from login CSRF attack, and it’s cookies based. I think, problem was in cookie witch I marked red in net logs, and it wasn’t in Keycloak response.
My question is: How make Keycloak to return all sended cookies? I think it is some option, but I couldn’t find it.
