I am upgrading form keyclok 4.7 to keycloak 12
When I load the admin console the first few calls includes
GET auth/admin/realms
GET auth/admin/serverinfo
In keycloak 4.7 when this request was being made from browser the
referter header was being sent
i.e -H ‘referer: https://mykeycloakserver.com/auth/admin/master/console/’
In new version of keycloak i see this refer headers missing
any idea why this is removed?And what should i do to add this back?
keycloak 12 request
> curl 'https://mykeycloakserver.madhu/auth/admin/realms' \
> -H 'authority: mykeycloakserver.madhu' \
> -H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"' \
> -H 'accept: application/json, text/plain, */*' \
> -H 'dnt: 1' \
> -H 'authorization: Bearer bla bla' \
> -H 'sec-ch-ua-mobile: ?0' \
> -H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42' \
> -H 'sec-fetch-site: same-origin' \
> -H 'sec-fetch-mode: cors' \
> -H 'sec-fetch-dest: empty' \
> -H 'accept-language: en-US,en;q=0.9' \
> --compressed
keycloak 4.7 request
curl 'https://mykeycloakserver.madhu/auth/admin/realms' \
-H 'authority: mykeycloakserver.madhu' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Google Chrome";v="90"' \
-H 'accept: application/json, text/plain, */*' \
-H 'dnt: 1' \
-H 'authorization: Bearer mytoken' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' \
-H 'sec-fetch-site: same-origin' \
-H 'sec-fetch-mode: cors' \
-H 'sec-fetch-dest: empty' \
-H 'referer: https://mykeycloakserver.madhu/auth/admin/master/console/' \
-H 'accept-language: en-US,en;q=0.9' \
--compressed