-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to change redirect_base variable on Nginx side without affecting authorization flow? #45
Comments
Please explain this in more detail. Why does Keycloak need to know which URI the end user requested? |
Hello @lcrilly, |
Each application has a unique hostname (FQDN)? Is there a common domain name (*.foo.com)? |
Hello @lcrilly, |
Hello,
As it is: we have many backend applications on which we want to enforce authentication. And Nginx should pass the correct request URI, which will be in the client’s configuration on Identity Provider’s side (KeyCloak). So, for each application we must create additional record in KeyCloak’s client parameters. In a situation where we have thousands of applications this is impossible, so we must change redirect_base variable on Nginx side. But when we tried to do this – request didn’t get some cookies (auth_redir primarily) and authorization flow didn’t work correctly.
Could you please suggest how to change this variable correctly without affecting the authorization flow? Or maybe there are other ways to fix the root cause of the problem?
The text was updated successfully, but these errors were encountered: