Set Hostname for OpenID endpoints in domain mode

catshout · February 20, 2020, 9:49am

Dear community,

we were setting up 2 Keycloak instances in domain mode with a (also doubled) proxy in front of. When I’m calling the endpoint information under

…/auth/realms/master/.well-known/openid-configuration

I’m getting this

|issuer|"https://keycloak_host_1:8445/auth/realms/master"|
|---|---|
|authorization_endpoint|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/auth"|
|token_endpoint|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/token"|
|token_introspection_endpoint|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/token/introspect"|
|userinfo_endpoint|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/userinfo"|
|end_session_endpoint|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/logout"|
|jwks_uri|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/certs"|
|check_session_iframe|"https://keycloak_host_1:8445/auth/realms/master/protocol/openid-connect/login-status-iframe.html"|

and

|issuer|"https://keycloak_host_2:8445/auth/realms/master"|
|---|---|
|authorization_endpoint|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/auth"|
|token_endpoint|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/token"|
|token_introspection_endpoint|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/token/introspect"|
|userinfo_endpoint|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/userinfo"|
|end_session_endpoint|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/logout"|
|jwks_uri|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/certs"|
|check_session_iframe|"https://keycloak_host_2:8445/auth/realms/master/protocol/openid-connect/login-status-iframe.html"|

for both servers. I’d like to replace the keycloak_host_1 and keycloak_host_2 with a common, external reachable DNS name.

What part of configuration I need to modify for this?

Best
Gerald

jangaraj · February 20, 2020, 10:09am

https://www.keycloak.org/docs/latest/server_installation/#_setting-up-a-load-balancer-or-proxy

Topic		Replies	Views
Frontend- and backendurls published in well-known/openid-configuration Configuring the server	0	337	November 25, 2022
Proxy Setup - Well Known config urls Getting advice admin-console , oidc	1	1219	April 7, 2021
Changing identity provider redirect uri to use KC_HOSTNAME instead of KC_HOSTNAME_ADMIN Configuring the server identity-brokering	5	1229	February 17, 2024
Stuck at making an instance of Keycloak worth with multiple frontend URLs Configuring the server authentication	2	1019	May 8, 2023
Stuck: understanding frontendurl/baseurl, and configuring registration pages Getting advice	8	23761	April 7, 2021

Set Hostname for OpenID endpoints in domain mode

Related Topics