Re: [Apiman-user] Token audience doesn't match domain when run inside Docker container

Hi Tim, Check the Realm in Keycloak OAuth Policy Configuration page it should match the one in the token. i hope this help. On Mon, Oct 12, 2015 at 7:43 AM, Tim Dudgeon <tdudgeon.ml(a)gmail.com <mailto:tdudgeon.ml@gmail.com>> wrote: Hi, I've been following this blog on using the OAuth policy: http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication... When I do this with Apiman running in a Docker container (jboss/apiman-wildfly from Dockerhub) I'm getting an error when I try to access the echo service: $ curl -k -H "Authorization: Bearer eyJhbGciO...<snip>" -s https://192.168.59.103:8443/apiman-gateway/Newcastle/EchoService/1.0 | jq { "type": "Authentication", "failureCode": 11004, "responseCode": 401, "message": "Token audience doesn't match domain. Token issuer is http://192.168.59.103:8080/auth/realms/stottie, but URL from configuration is http://127.0.0.1:8080/auth/realms/stottie";, "headers": {} } $ (192.168.59.103 is the IP address of the Docker host running in Boot2Docker). Any ideas where the wrong "URL from configuration" part is coming from? Tim _______________________________________________ Apiman-user mailing list Apiman-user(a)lists.jboss.org <mailto:Apiman-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/apiman-user