Hi, I’ve been attempting to setup a proxy in front of my dev version of keycloak that runs in a docker container on Windows, I set the env var on setup of the container in preparation:
-e PROXY_ADDRESS_FORWARDING=true
And I’ve been into the admin area to set the front end url for the specific realm, eg:
KEYCLOAK_FRONTEND_URL = http://auth.example.com
And cleared all the cache for the realm but when I check the well-known config file, some of the URLs still include the localhost:8080 domain:
{
"issuer": "http://auth.example.com/auth/realms/testing",
"authorization_endpoint": "http://auth.example.com/auth/realms/testing/protocol/openid-connect/auth",
"token_endpoint": "http://localhost:8080/auth/realms/testing/protocol/openid-connect/token",
"introspection_endpoint": "http://localhost:8080/auth/realms/testing/protocol/openid-connect/token/introspect",
"userinfo_endpoint": "http://localhost:8080/auth/realms/testing/protocol/openid-connect/userinfo",
"end_session_endpoint": "http://auth.example.com/auth/realms/testing/protocol/openid-connect/logout",
"jwks_uri": "http://localhost:8080/auth/realms/testing/protocol/openid-connect/certs",
"check_session_iframe": "http://auth.example.com/auth/realms/testing/protocol/openid-connect/login-status-iframe.html",
"grant_types_supported": [....
Am I missing something, I would have thought my changes would have been used for all urls above (and the other 2 further down in the well-known config).
Thanks,
Steve