Hello everyone.
I just updated from v22 to v25.0.1.
When I look at ./realms/master/.well-known/openid-configuration on both master and custom realm, I see that my urls are sometimes https and sometimes http.
Didn’t have that in the previous version.
{
"issuer": "https://mydomain.com/auth/realms/myrealm",
"authorization_endpoint": "https://mydomain.com/auth/realms/myrealm/protocol/openid-connect/auth",
"token_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/token",
"introspection_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/token/introspect",
"userinfo_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/userinfo",
"end_session_endpoint": "https://mydomain.com/auth/realms/myrealm/protocol/openid-connect/logout",
"frontchannel_logout_session_supported": true,
"frontchannel_logout_supported": true,
"jwks_uri": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/certs",
"check_session_iframe": "https://mydomain.com/auth/realms/myrealm/protocol/openid-connect/login-status-iframe.html",
....
"require_pushed_authorization_requests": false,
"pushed_authorization_request_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/ext/par/request",
"mtls_endpoint_aliases": {
"token_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/token",
"revocation_endpoint": "https://mydomain.com/auth/realms/myrealm/protocol/openid-connect/revoke",
"introspection_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/token/introspect",
"device_authorization_endpoint": "https://mydomain.com/auth/realms/myrealm/protocol/openid-connect/auth/device",
"registration_endpoint": "http://mydomain.com/auth/realms/myrealm/clients-registrations/openid-connect",
"userinfo_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/userinfo",
"pushed_authorization_request_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/ext/par/request",
"backchannel_authentication_endpoint": "http://mydomain.com/auth/realms/myrealm/protocol/openid-connect/ext/ciba/auth"
},
"authorization_response_iss_parameter_supported": true
}
Is this config related or could it be a bug introduced in v25 and hostname v2 changes?
The ones concerned seems to be the same as the one impacted by admin url ( OpenID Endpoint Configuration wrong urls after updating - Configuring the server - Keycloak)
Thanks in advance!