We have our own login page for our SPA application. Our application sends the token request with user id and password. Being that passwords sometimes have characters like @ and # and others, the characters get urlencoded because the request is of “content-type: application/x-www-form-urlencoded” and typescripts fetch api does that for the request as it probably should.
However, I’m unable to login using passwords that get change due to url encoding. While using curl to get a token from the endpoint, I can get the token. If I turn urlencoding on in curl, I can no longer get the token.
This seems to indicate that keycloak 11.0.0 doesn’t do urldecoding on token requests.
Turns out there is a error in our frontend code that is encoding it.