Stack Overflow
Stack Overflow

Questions tagged [keycloak-gatekeeper]

Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services. Gatekeeper is an application for use with OpenID Connect (OIDC) that supports both access tokens in a browser cookie or bearer tokens. Please use this tag for asking question regarding Keycloak Gatekeeper here. For more details please see documentation https://www.keycloak.org/docs/latest/securing_apps/index.html#_keycloak_generic_adapter

Links:

94 questions
48
votes
4 answers

Keycloak-gatekeeper: 'aud' claim and 'client_id' do not match

What is the correct way to set the aud claim to avoid the error below? unable to verify the id token {"error": "oidc: JWT claims invalid: invalid claims, 'aud' claim and 'client_id' do not match, aud=account, client_id=webapp"} I kinda worked…
arkadiy kraportov
  • 3,679
  • 4
  • 33
  • 42
9
votes
2 answers

Keycloak redirect page shows We are sorry.. page not found

I have deployed keycloak on my EKS cluster and able to access dashboard successfully and created a new realm already. So I thought of testing my keycloak, and went to https://www.keycloak.org/app/ for testing. I have created a client with the root…
Prashant Gupta
  • 153
  • 1
  • 2
  • 11
8
votes
3 answers

how to get the roles in access token: keycloak

what I am trying to do: I have an app that takes in login credentials: username and password for a user. I have a rest api that internally calls the keycloak REST API: /auth/realms/realmname/protocol/openid-connect/token and gets the access token…
Omi
  • 976
  • 2
  • 20
  • 35
7
votes
1 answer

Running User Interfaces and APIs behind keycloak gatekeeper

New to keycloak, and authentication in general, so sorry for missing something obvious, and not using accurate terminology. I'm trying to run a simple Angular UI that talks to a Java (dropwizard) API. I'd like both of those to need auth. I'm…
IveGotNoIdea
  • 73
  • 2
6
votes
0 answers

When should I use Keycloak Gatekeeper?

I am really new to this authentication stuff. So from what I understand, Keycloak is used for authentication and authorization, and to use it you need what is called an adapter. After googling and reading their documentation…
Shani
  • 61
  • 2
5
votes
2 answers

Getting "Elastic did not load properly. Check the server output for more information." when accessing through gatekeeper

I'm using a Gatekeeper (quay.io/keycloak/keycloak-gatekeeper:10.0.0) for SSO with keycloak (docker.io/jboss/keycloak:11.0.2) on Kibana (docker.elastic.co/kibana/kibana-oss:7.10.1) My gatekeeper config: discovery-url: http://{{ index…
Ohad Malinovsky
  • 71
  • 2
  • 5
5
votes
2 answers

How to redirect keyclock to application's page and get token

I am using keycloak's login and registration page. For login I use: keycloak.init({onLoad: 'login-required'}).then(function (authenticated) { if (!authenticated) { } else{ } This works fine as I can use the…
marcg
  • 552
  • 1
  • 8
  • 20
5
votes
0 answers

Keycloak LOGIN_ERROR when accessed through iFrame

Facing issue with Keycloak login when trying to access it using iFrame. I am getting following error: 2020-08-29 04:06:50,976 WARN [org.keycloak.events] (default task-9654) type=LOGIN_ERROR, realmId=34d62e4f-f267-4f1a-8ec7-075e5046543b,…
vaibhav tripathi
  • 121
  • 1
  • 4
4
votes
1 answer

Keycloak gatekeepr behind nginx ingress reverse proxy

Objective: Keycloak gatekeeper deployment when nginx ingress has active rewrite-target feature. Ingress rewrites target according to: rewrite.bar.com/something/ rewrites to rewrite.bar.com/ rewrite.bar.com/something/new rewrites to…
Pawel.S.
  • 216
  • 1
  • 5
4
votes
1 answer

How to set custom headers with Keycloak Gatekeeper?

I have Keycloak and Keycloak-Gatekeeper set up in OpenShift and it's acting as a proxy for an application that is running. The application that Keycloak Gatekeeper is proxying requires a custom cookie to be set so I figured I could use the…
DanOpi
  • 133
  • 2
  • 12
4
votes
1 answer

keycloak gatekeeper doesn't block any request

I am trying using keycloak + keycloak-gatekeeper for authorization in a personal api: api.mydomain.com. so far i have done: Created a realm MY-REALM in keycloak, the URL for keycloak is https://auth.mydomain.com Created a confidential client in the…
Christian
  • 75
  • 7
4
votes
2 answers

Keycloak gatekeeper: set base URL

I'm not able to find a way to update the base URL of my keycloak gatekeeper sidecar. My configuration works well with services set to the base URL(ex: https://monitoring.example.com/), not with a custom base path(ex:…
Matt
  • 4,309
  • 7
  • 38
  • 52
3
votes
1 answer

Unable to authenticate the request" err="invalid bearer token

I am trying to get my kubernetes dashboard authenticated using the keycloak identity provider but getting the invalid bearer token. Here are the details. For keycloak, i have already setup a client - gatekeeper, user - alice part of group -…
sb9
  • 370
  • 3
  • 17
3
votes
1 answer

How does Keycloak determinate a User in new browser window?

I try to make sense of following problem: There is: app1.gatekeeper-test.com app2.other-url.com Those two Clients(app1, app2) are in the same realm (secured behind 2 Gatekeepers) Both are pointing to the same ressource server - Cookies are…
noircc
  • 650
  • 10
  • 28
3
votes
0 answers

Is there a way to disable user registration in Keycloak realm's local database as part of first broker login?

As per Keycloak documentation when the user is logs in through identity brokering, Keycloak checks and creates user in realms local database as part of First Broker Login Flow. Is there a way to disable user onboarding in Keycloak local database and…
Naresh Reddy
  • 350
  • 1
  • 3
  • 7
1
2 3 4 5 6 7