Keycloak 26 modifies redirect URI hostname when running behind IIS proxy #37102

[Siraj M Saha]

Hi,

Can anyone help to fix this issue?

When using Keycloak 26 behind an IIS proxy, the redirect_uri is being modified from http://localhost:5267/scalar/v1 to https://domain.com/scalar/v1 after successful authentication. This happens even though the proxy headers and Keycloak configuration seem correct.

KC_HOSTNAME=${KEYCLOAK_HOSTNAME}
KC_HOSTNAME_URL=https://${KEYCLOAK_HOSTNAME}
KC_PROXY_HEADERS=forwarded
Version
26

[Siraj M Saha]

Thank you for pointing out the invalid environment parameters. I have removed them.

The proxy works as expected when using the admin console or account page. However, when integrating with the application using implicit flow, I am encountering the issue

Upon authentication challenge the application redirects to
https://mydomain.com/realms/testrealm/protocol/openid-connect/auth?response_type=token&client_id=test&redirect_uri=http://localhost:5267/scalar/v1

And after authentication is successful it is expected to redirect to http://localhost:5267/scalar/v1#session_state... however it redirects to https://mydomain.com/scalar/v1#session_state...

The base address of the redirect URI (parameter redirect_uri) is modified to keycloak hostname

[Joel Jean]

Hello Mister how are you doing?

--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/keycloak-user/7478e3cb-56cc-4fcc-909b-befab0a6df4fn%40googlegroups.com.