Keycloak invalid redirect URI when deployed on openshift with https
I have keycloak 7.0.0 docker behind ssl-terminating ingress proxy on kubernetes.
If you are unable to login first time as administrator:
First, as described here, switch keycloak to http mode.
update REALM set ssl_required = 'NONE' where id = 'master';
Second, put
- name: KEYCLOAK_ALWAYS_HTTPS value: "true"
into your keycloak docker env.
After first step you will be getting "Invalid parameter: redirect_uri" error. Second step will fix that error and you will be able to login as administrator.
Your ingress should forward http port only.
All env variables for keycloak:
- name: KEYCLOAK_HOSTNAME value: "your.keycloak.host" - name: KEYCLOAK_ALWAYS_HTTPS value: "true" - name: KEYCLOAK_USER value: "admin" - name: KEYCLOAK_PASSWORD value: "password" - name: PROXY_ADDRESS_FORWARDING value: "true" - name: DB_VENDOR value: postgres - name: DB_ADDR value: <host> - name: DB_DATABASE value: keycloak - name: DB_USER value: keycloak - name: DB_PASSWORD value: keycloak