Rest API inside cluster local access

Greetings everyone,

I have a case on an environment where Keycloak is handling auth,
all coms are then rproxied using traefik thus keycloak ports being bound to traefik and served on a specific path named “auth”.

Then there are Frontend container and Backend container and various other containers forming up the cluster. As the cluster is designed at the frontend we use keycloak-js which redirects all unauthenticated users to /auth and after successful login it redirects user and we get access to bearer and provide it at each further request on Backend api.

Since Keycloak and Backend are on same network I was trying to perform bearer validation by Keycloak internally by performing a GET request on
by providing header param: Authorization: Bearer {token}

All I get as response is:

“statusCode”: 401,
“message”: “connect ECONNREFUSED”

Assuming the IP is the local ip of keycloak container, I suppose the port is bound to traefik and then you can later on access the rest when it goes over DNS.

Is there an alternative about this task all we need is just verify bearer but is that doable with an internal network? Without having to go around the internet.

Best regards

Rather than being a keycloak issue this was more docker related.

Finally what we ended up doing was use --add-host param from docker Docker run reference | Docker Documentation
we added a line at hosts pointing the desired domain to traefik local ip inside cluster.

The requests resolve on domain as it was going through internet.