Private uri in verify email


We have a keycloak (8.0) installed on kubernetes cluster behind nginx ingress. we also have multiple microservice (quarkus) and a web application (widlfly 17 with keycloak adapter) inside the same cluster all secured by keycloak , everything is working well.

We can access keycloak from public address , lets say create users , roles , permissions …

We can access our webapp ( from public address , we are correctly redirected to keycloak login page and after succefull login correctly redirected to webapp , from the web app i can check roles , permissions we have entered on keycloak…

Form the keycloak admin console when we create a new user with “EMAIL VERIFY” action, the user receive an email to check his email and set a paswword , inside this email the link use the public address of keycloak (because the acsess keycloak through nginx with x-forward param so the base uri is maintained) is what we want.

Our problem is when we want to create a new user with admin java client from one of microservice.

Our “user microservice” create the user programmaticaly but our microservice use internal cluster address to connect to keycloak let’s say “keycloak.cluster.local” the user is correctly created on keycloak but the link he receive for the verify action use the internal address and not the public keycloak address , so he cant verify his email.

we have setted the frontend url in standalone.xml with


but the verify email always contains the private address in link (address we use from the admin java client to connect and create user )

thanks you in advance for your help, any tips will be very appreciated.


PS : sorry for my english , not my first language

Same problem here, did U solve this ?