[keycloak-user] Version API endpoint removed in 4.2.1?

Dockendorf, Trey tdockendorf at osc.edu
Wed Aug 8 15:49:00 EDT 2018


Yep, I already updated our Nagios checks to use that URL.

Thanks,
- Trey

--
Trey Dockendorf
HPC Systems Engineer
Ohio Supercomputer Center

From: Hynek Mlnarik <hmlnarik at redhat.com>
Date: Wednesday, August 8, 2018 at 6:21 AM
To: "Dockendorf, Trey" <tdockendorf at osc.edu>
Cc: keycloak-user <keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] Version API endpoint removed in 4.2.1?

Version endpoint was removed to mitigate risk of revealing potentially sensitive information to an attacker.

Can you use e.g. /auth/realms/master/.well-known/openid-configuration for the same?

--Hynek



On Tue, Aug 7, 2018 at 5:36 PM Dockendorf, Trey <tdockendorf at osc.edu<mailto:tdockendorf at osc.edu>> wrote:
I updated a test node to 4.2.1 from 3.4.2 and notice /auth/version no longer works.  I use this endpoint with Nagios to check Keycloak is booted.  Is this removal expected and if so is there a viable alternative in 4.2.1?  I need something that requires no authentication.

4.2.1:
$ curl http://localhost:8080/auth/version
$

3.4.2:
$ curl http://localhost:8080/auth/version
{"version":"3.4.2.Final","build-time":"2017-12-21 12:57"}

--
Trey Dockendorf
HPC Systems Engineer
Ohio Supercomputer Center
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list