[keycloak-user] Configuring KC adapter through ENV/programatically

cen imbacen at gmail.com
Thu Sep 15 05:55:13 EDT 2016 

There is something weird about ENV vars in keycloak.json. It works if I 
run my service from Eclipse but I am getting "Invalid token signature"

when running it in Docker (which in my experience means something in 
json is broken/not loaded correctly). As soon as I physically copy the 
keycloak.json into the container it starts working again.

No idea why really but something about that environment prevent 
keycloak.json to load correctly with ENV vars.


The multi-tenancy example seems promising, thanks.


Thomas Darimont je 15. 09. 2016 ob 10:13 napisal:
> Hello,
>
> you can use env-variables in Keycloak.json - see paragraph after the config
> example:
> https://keycloak.gitbooks.io/securing-client-applications-guide/content/v/2.2/topics/oidc/java/java-adapter-config.html
>
> Cheers,
> Thomas
>
> 2016-09-14 13:30 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:
>
>> What adapter? Java adapters has support to write your own config loader
>> (see multi-tenancy example). For JavaScript adapter make your web server
>> dynamically create the keycloak.json.
>>
>> On 14 September 2016 at 11:30, cen <imbacen at gmail.com> wrote:
>>
>>> Hi
>>>
>>> We have a Java REST microservice which is configured as a whole through
>>> environment variables and deployed in Docker.
>>>
>>> We can't provide production keycloak.json at Docker build time because
>>> then it becomes a specific container for a specific deployment. We want
>>> to keep the container unconfigured and neutral, ready to be deployed
>>> with any Keycloak server.
>>>
>>> At the moment we have an additional step in production deployment that
>>> copies the correct keycloak.json into a running Docker container and
>>> restarts it.
>>>
>>> Ideally though, we would like to provide keycloak.json through an
>>> environment variable or load it dynamically from etcd/zookeeper/similar.
>>>
>>> is it possible to somehow configure the Keycloak adapter at runtime?
>>>
>>>
>>> Best regards, cen
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>

More information about the keycloak-user mailing list