Realm Login on Subdomain

Hello everyone,
I’m kind of lost on the configuration of Keycloak and I hope I can get some help here. I’m in a University team and our task is to create a protected API for some microservice. We did some research and found about some best practices, one of them being the use of OpenID Connect. Since I already used (a completely pre-configured) Keycloak during an internship, we decided to use Keycloak. This is the setup we have so far.

We have a Keycloak instance running in Docker using the official jboss/keycloak image. We properly configured the docker image and mapped the containers 8080 port to port 8080 on our host.
We’re also using an nginx as a reverse proxy. So far the nginx is configured to map the requests to account.ourapp.tld to the docker container which worked fine so far. The nginx is also handling the SSL certificates using Lets Encrypt and Certbot.
We also created and configured a realm for our application, but here is our problem.

Our goal is that account.ourapp.tld shows the users manage profile page. As of now, accessing the subdomain just shows the “Welcome to Keycloak” page with the links to the admin console and documentation. If we want to login to our realm, the full url is something like

https://account.myapp.tld/auth/realms/realm/account
although we want it to be
https://account.myapp.tld/account
So basically we want to realm to have its own subdomain.
I already did some research and found out about the frontend_url setting, but I wasn’t able to find any examples.

I’m sorry if this is a very basic question, but I really wasn’t able to get it to work. Can somebody explain what I’m supposed to do?

I appreciate any help!
Regards mo99

1 Like

Are you behind a reverse proxy like apache2 or nginx? If so then consider setting up apache2’s mod-rewrite, or nginx’s equivalent.