Invalid_token: Token verification failed" with Traefik v2.5 / Symfony 6 / Docker setup

[Tosh Y]

I'm currently trying to setup Keycloak for oauth2 for my Symfony 6 application (with docker) behind Traefik (2.5), and after setting everything up, I keep getting a response back from keycloak with a 401 status code saying "Token verification failed". This response originates from what it seems the "WWW-Authenticate" header. 

Without having any further knowledge about Keycloak, I would like to know on what grounds the token authentication possible could fail.

Regards,

Ilyass

p.s. 

I've created a SO issue regarding this as well, which can be found here. I'm tempted to think it has something to do with the proxy and/or the login action using the user IP, whereas code to token action uses the application docker IP, therefore failing to verify.

[Zhandos]

I haven't face this issue myself, but here are some things to check inside the Access token:

Have you made sure that Access token is active ? That is its iat (issued at) is not in the future and exp (expiration time) has not passed ?

Other checks that Keycloak does are:

- Make sure realmUrl is equal to the issuer

- Make sure subject is present in the token

- Make sure Token type is Bearer