Hello,
I would like to configure my
Keycloak to use a different URL for a Realm.
In the Realm Settings tab there is an option
for Frontend URL but when I set it to a value and
create a new ingress record the account console
won’t load.
In the help field it says to use the frontend url in combination
with the default hostname provider.
Does anyone have documentation on how this works?
Much appreciated,
Johannes
1 Like
I’m in the same issue with you, I want to setup a different URl for a specific Realm, but when I tried to set the frontend value to the URl I want, it simply doesn’t work, and I already configured all the proper redirection for the domain name that I want to use.
1 Like
Sorry for reviving this thread but I am in the same position right now. Did you manage to set a different url for your realms?
I set the
KC_HOSTNAME_URL: https://login.domain1
KC_HOSTNAME_ADMIN_URL: https://admin.domain1
KC_ADMIN_URL: https://admin.domain1
I have 3 realms and their corresponding frontend urls are:
- Master:
https://admin.domain1 - Domain1:
https://login.domain1 - Domain2:
https://login.domain2
I added a frontend URL “auth.mydomain.com” to have a realm on a different URL. Also set the KC_HOSTNAME_URL= auth.mydomain.com I have been getting below-error
ERROR [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (executor-thread-118) Failed to parse realm frontendUrl 'auth.mydomain.com'. Falling back to global value.: java.lang.IllegalArgumentException: The url [frontendUrl] is malformed
@ashish-online and when you type in browser “login.domain2” than redirect it to login form on address login.domain2/reallm/domain2/protocol/open… ?
@nishit93-hub Frontend URL maybe must be in full format like “https://domain:443”.
Why would you set the urls from keycloak instead instead of a gateway or reverse proxy?
Keycloak is already doing a redirect, but to master the realm…which doesn’t make sense. It should redirect to the realm defined by the domain used in the URL.
You propose to fix the behavior of the application by adding a second application with the sole purpose of rewriting the path for one defined address. And you want to call it the right solution? It looks like a workaround to me 
I didn’t propose it as a solution, but i just knew keycloak sets urls. I thought that would be the reverse proxy job that’s it.
I dig little in source code and … redirect is controled by attribute “redirectToAdmin” in the “welcome” theme. But there is just one “welcome” theme at all. It looks like application does not know realm base on Frontend URL at beginning.
It is possible overwrite theme and turn off the redirect. But it effects all URLs … so the URL to master realm too (it is not what we want).
The right way looks to me, in case Frontend URL is set than should be “welcome” theme specified to this realm. And used according by hostname in the URL.