Setting a custom token issuer for a Keycloak realm

Hi,

probably I missed some elementary config handle, but does Keycloak allow to set the OIDC token issuer for a given realm?

Example scenario

Keycloak instance lives at:

https://kc.example.com

Realm test is at

https://kc.example.com/auth/realms/test

The OIDC Issuer is:

https://kc.example.com/auth/realms/test

Is it possible to customize the issuer set in tokens, to be, for instance:

https://test.example.com

?

This would assume that a reverse proxy is deployed in front of the keycloak instance
to map requests for

https://test.example.com/.well-known/openid-configuration

to

https://kc.example.com/auth/test/.well-known/openid-configuration

Thanks for your help!

2 Likes

you cannot customize it at the moment, there is an ongoing discussion going that started from this topic here https://issues.redhat.com/browse/KEYCLOAK-15553

2 Likes