[keycloak-user] CORS headers not sent issue
GRMAN, Tomas
Tomas.GRMAN at orange.com
Tue Oct 4 11:10:34 EDT 2016
Hello
I have come across weird issue regarding CORS implementation in Keycloak (ver. 2.2.1 )
I have properly specified "Web Origins" settings in Admin Console for the OIDC client.
The problem is that the CORS headers (Access-Control-Allow-Origin) are not sent for all the requests coming towards idp.example.com (Implicit Flow)
https://idp.example.com/auth/realms/test/.well-known/openid-configuration (CORS headers are sent)
https://idp.example.com/auth/realms/test/protocol/openid-connect/certs (CORS headers are not sent)
Is there something more to be configured in order to make Keycloak send CORS headers with all the requests? Maybe a bug?
Curently I have added CORS headers on NGINX reverse proxy for this endpoint. (certs)
Any advice is appreciated :)
Tomas Grman
More information about the keycloak-user
mailing list