0
votes

I currently have the following architecture

APP -> API -> KeyCloak

I want the APP to be able to send requests to my API which will then internally proxy certain requests to KeyCloak. For example, I'd like to make a request to the /userinfo endpoint in KeyCloak through my API. If I can figure this out I can then perform more complex features.

APP -> http://api:port/api/userinfo

API -> http://keycloak:port/auth/realms/quartech/protocol/openid-connect/userinfo

I have a valid JWT Bearer token, as I can make the request directly to KeyCloak successfully. However, if I attempt to make the request via my API it returns 401, even though it is using the same JWT Bearer token.

I believe it has something to do with configuring the KeyCloak client to allow requests to come from the API. But so far I haven't been able to figure it out.

1
I've added the following headers to the API proxy request and it still doesn't work:
Authorization: Bearer [token]
X-Forwarded-For: [original host]
X-Forwarded-Proto: [original scheme]
X-Forwarded-Port: [original port]
ProxyPreserveHost: On
– Fosol

When I started using a proxy/load balancer I had to add PROXY_ADDRESS_FORWARDING=true for my Keycloak docker container. Here is documentation that may be useful: Setting Up a Load Balancer or Proxy
– Yuriy P

1 Answer

0
votes

I've discovered it required a DNS entry for local development within a Docker container.

I've edited the hosts file and added a 127.0.0.1 keycloak and then al
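
A diagnostic for the symptom in this thread, as an added example that is not part of the original question or answer: it decodes the token's `iss` claim and compares it with the Keycloak URL the API proxies to. It assumes the 401 comes from Keycloak rejecting a token whose issuer hostname differs from the hostname Keycloak was reached under, which the thread does not confirm; the function names, port 8080 and sample tokens are constructed.

```python
import base64
import json
from urllib.parse import urlsplit


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def origin(url: str) -> tuple:
    """Scheme, lower-cased host and effective port, with default ports filled in."""
    u = urlsplit(url)
    port = u.port or {"http": 80, "https": 443}.get(u.scheme)
    return (u.scheme, (u.hostname or "").lower(), port)


def issuer_mismatch(token: str, upstream_url: str):
    """Return None if the token issuer matches the upstream URL, else a reason."""
    iss = jwt_claims(token).get("iss")
    if not iss:
        return "token has no iss claim"
    if origin(iss) != origin(upstream_url):
        return f"origin differs: token iss {iss} vs upstream {upstream_url}"
    iss_path = urlsplit(iss).path.rstrip("/") + "/"
    if not urlsplit(upstream_url).path.startswith(iss_path):
        return f"realm path differs: token iss {iss} vs upstream {upstream_url}"
    return None


def make_sample_token(iss: str) -> str:
    """Constructed, unsigned sample token for the demo (not a real credential)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc({'iss': iss, 'sub': 'demo'})}.sig"


if __name__ == "__main__":
    # Port 8080 is an assumed value; the realm name comes from the question.
    upstream = "http://keycloak:8080/auth/realms/quartech/protocol/openid-connect/userinfo"
    for iss in ("http://localhost:8080/auth/realms/quartech",
                "http://keycloak:8080/auth/realms/quartech"):
        print(iss, "->", issuer_mismatch(make_sample_token(iss), upstream) or "ok")
```

Running the check in the API before forwarding shows whether the app obtained its token under a different hostname than the one the API uses to reach Keycloak.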