I have a Keycloak instance deployed on a test server, brought up by docker-compose, behind a gateway. I have created a my-web-app client whose client protocol is openid-connect and access type is public. This client will authenticate users with the authorization code flow.
PROXY_ADDRESS_FORWARDING is set to true, and the FRONTEND_URL variable is set to test-server-address/auth. I have configured the Valid Redirect URIs for my-web-app client to be test-server-address/* and 127.0.0.1:8080/*. The web origin is set to “+”. I have no issues when accessing the web-app from test-server-address, and can successfully authenticate.
I am, however, running into an issue when I’m developing locally, accessing my web-app from 127.0.0.1:8080 and attempting to connect to the test-server Keycloak for authentication.
- I am prompted with a login screen (url is still 127.0.0.1:8080/)
- I submit my authentication details
- I receive the following error prompt “We are sorry… An error occurred, please login through your application”, but the url in the address bar has changed to test-server-address/:
- Checking the test-server keycloak logs, I see that there was an invalid_code error.
I’m a bit stuck - is what I’m trying to accomplish possible to set up?