Keycloak Client settings, what URLs do I need?

keycloak thorntail
10,393

Root url is just a value that will be used for relative paths resolving.

  • Root: http://localhost:4200/sign-in
  • Valid Redirects: /* (After login user could be redirected to any URI that matches pattern http://localhost:4200/sign-in/*)
  • Base URL: / (Is not mandatory. Used when keycloak need to calculate application url by client_id only)
  • Admin URL: / (Used when Keycloak need to notify applications about revocation or when user logs out. For example when user logs out in application A if he has session in application B, Keycloak will send backchannel request to Admin URL of application B, so Application B will also flush user session in it)

Check out docs and info badges in Admin Console

Share:
10,393
cheesy
Author by

cheesy

Updated on July 27, 2022

Comments

  • cheesy
    cheesy over 1 year

    I have problems setting up Keycloak for a project I do. Keycloak is running on http://localhost:8180. Thorntail server is running on http://localhost:8080/users which serves data for an Angular frontend on http://localhost:4200/*. What I want to do is that a User can only see http://localhost:4200/sign-in without logging in. Once logged in they can access for example http://localhost:4200/list-user. I was using this guide to set up Keycloak, but I'm not sure what I my Client settings should be. This is what I thought:

    Root URL: http://localhost:4200/sign-in

    *Valid Redirect URIs: http://localhost:4200/list-user

    Base URL: http://localhost:4200/sign-in

    Admin URL: http://localhost:8080

    Somebody please explain the purpose of these settings as I struggle to understand.

  • Ahmad
    Ahmad almost 2 years
    I still don't understand Base URL, can you elaborate on this? I went to the documentation which says "This URL is used when Keycloak needs to link to the client" still I don't get what is the difference between this and root url
  • solveMe
    solveMe almost 2 years
    @Ahmad root URL never used directly, it's just a feature to reduce copy-pasting in other URL fields (base URL, redirect URIs, Admin URL etc...)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Flutter appauth Invalid parameter: redirect_uri
Authenticate flutter app with keycloak and openid_client
Keycloak adaptor for golang application
How to redirect keyclock to application's page and get token
Keycloak "Unexpected error when handling authentication request to identity provider"
Spring Boot - KeyCloak directed to 403 forbidden
Keycloak Access Token vs UserInfo token?
Using spring security annotations with keycloak
Keycloak - using admin API to add client role to user
Restricting access to the Keycloak Admin Console