Keycloak 22 can't open admin console.

2,364 views
Skip to first unread message

Dmitri Zamysloff

unread,
Aug 25, 2023, 9:37:40 AM8/25/23
to Keycloak User
Opening admin console keeps up showing "Loading the Admin UI". The installation is in k8s cluster using RedHat Operator. I have already restarted both pods (two replicas) - no result. Any suggestions? Thank you in advance.

Dmitri Zamysloff

unread,
Aug 25, 2023, 10:27:54 AM8/25/23
to Keycloak User
There is no hints in keycloak log in both replicas.
Cleaned all cookies and cache in browser. That what I have including one cookie with alphaNum key and value.
Any ideas? Thanks!

Bildschirmfoto 2023-08-25 um 16.20.56.pngBildschirmfoto 2023-08-25 um 16.22.51.png

Dmitri Zamysloff

unread,
Nov 16, 2023, 6:52:45 AM11/16/23
to Keycloak User
Any ideas or help. It looks like keycloak operator did an update and after that we were not able to reach the admin console. Is there anything which can be checked?

Yi SONG

unread,
Nov 17, 2023, 3:43:49 AM11/17/23
to Keycloak User
Hello,
I think it is behind a reverse proxy, you need set KC_PROXY to correct value. https://www.keycloak.org/server/reverseproxy
Also you could check the logs of your proxy and id-provider.
Best regards,

Dmitri Zamysloff

unread,
Nov 20, 2023, 10:28:13 AM11/20/23
to Keycloak User
I read more forums and found out that the errors which I was seen in console 403 Forbidden to init and to auth can be because of webOrigin. First over CLI I changed web origin of security-adminconsole client from original ["+"] to ["*"]. After that I started getting 400 saying that redirectUri is wrong. With CLI I changed also redirectUris of console client from ["/admin/master/console/*"] to ["*"]. And I was able to come to login page. After I entered all credentials I was getting following printed directly in browser content:

Unexpected Application Error!
NetworkError when attempting to fetch resource.
fetchWithError@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:67:121308
requestWithParams@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:67:124017
async*request/<@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:67:122508
WhoAmIContextProvider/<@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:85:223545
useFetch/<@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:85:222760
Rj@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:24284
Ik@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:42317
Fk@https://<mydomain>/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:36576
jg@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:38:3268
Sk@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:37120
rl@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:53175
sl@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:53358
reactDom_production_min.render@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:40:57054
@https://<mydomain>/resources/i5wgf/admin/keycloak.v2/assets/index-5be21fbf.js:85:362105

I don't have any clue what to do next. Does anybody can help?

Dmitri Zamysloff

unread,
Nov 22, 2023, 6:23:28 AM11/22/23
to Keycloak User
Just installed absolutely new instance with empty database using operator 22.0.5. Have same issue!!! When I open context path of keycloak and then do click on Administration Console I am comming into infinite loading. The cause for that is this call in browser application

https://<keycloak_domain>/realms/master/protocol/openid-connect/login-status-iframe.html/init?client_id=security-admin-console&origin=https://<keycloak_domain>

which ends up with 403. As I said above it is absolutely fresh installation of Keycloak on OKD (OpenShift) using Keycloak Operator 22.0.5 provided by Red Hat

Here is Keycloak Resource:

apiVersion: k8s.keycloak.org/v2alpha1
kind: Keycloak
metadata:
  labels:
    app: id-server
spec:
  db:
    database: <dbname>
    host: <db_host>
    passwordSecret:
      key: password
      name: <dbsecret>
    port: 5432
    usernameSecret:
      key: username
      name: <dbsecret>
    vendor: postgres
  hostname:
    hostname: <keycloak_host>
    strict: false
  http:
    httpEnabled: true
  instances: 2

I have tried to enable admin2 feature, thinking that admin2

What is wrong in this configuration? Or there is a problem in keycloak?

Dmitri Zamysloff

unread,
Nov 22, 2023, 6:34:44 AM11/22/23
to Keycloak User
PROBLEM SOLVED!!!

New property need to be set near hostname:
adminUrl: https://<keycloak_host>

Francesco Corbetta

unread,
Nov 22, 2023, 7:38:24 AM11/22/23
to Keycloak User
thanks for sharing the solution!

Il giorno mer 22 nov 2023 alle ore 12:34 Dmitri Zamysloff
<d.zam...@dzcs.com> ha scritto:
>>>>>> Dmitri Zamysloff schrieb am Freitag, 25. August 2023 um 15:37:40 UTC+2:
>>>>>>>
>>>>>>> Opening admin console keeps up showing "Loading the Admin UI". The installation is in k8s cluster using RedHat Operator. I have already restarted both pods (two replicas) - no result. Any suggestions? Thank you in advance.
>
> --
> You received this message because you are subscribed to the Google Groups "Keycloak User" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/5d3ac81c-98ba-4935-9fff-62403846b210n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages