Setting a custom token issuer for a Keycloak realm

andreaceccanti · March 17, 2020, 5:02pm

Hi,

probably I missed some elementary config handle, but does Keycloak allow to set the OIDC token issuer for a given realm?

Example scenario

Keycloak instance lives at:

https://kc.example.com

Realm test is at

https://kc.example.com/auth/realms/test

The OIDC Issuer is:

https://kc.example.com/auth/realms/test

Is it possible to customize the issuer set in tokens, to be, for instance:

https://test.example.com

?

This would assume that a reverse proxy is deployed in front of the keycloak instance
to map requests for

https://test.example.com/.well-known/openid-configuration

to

https://kc.example.com/auth/test/.well-known/openid-configuration

Thanks for your help!

lucamaf · August 10, 2021, 4:18pm

you cannot customize it at the moment, there is an ongoing discussion going that started from this topic here https://issues.redhat.com/browse/KEYCLOAK-15553

Topic		Replies	Views
Create a custom identity provider and configure it with keycloak Extending the server oidc	4	13179	September 27, 2021
Invalid token issuer error with custom OIDC mapper in Keycloak 23 Extending the server authentication , oidc	4	180	March 1, 2024
OAuth2 IDP instead of OIDC Configuring the server authentication , identity-brokering , oidc	1	1146	October 3, 2020
Keycloak Cross Realm Token Exchange Securing applications authentication	2	1352	May 29, 2023
Keycloak operator with custom realm file using that I am trying to create an Identity provider authentication , oidc	0	608	January 17, 2022