Rather than hacking Keycloak you should figure out why your token audience
doesn't match. For a token to be valid it has to been issued by the same
server URL and realm. It's an important check and we wouldn't accept a
feature that prevents it.
On 11 October 2016 at 17:07, Mátyás Bachorecz <bachoreczm(a)gmail.com> wrote:
Hi,
we have a multi-component project, and all components running in one
machine, also Keycloak.
We would like to obtain token via curl, and our components would like to
validate it, but they can't, because we've got:
"Token audience doesn't match domain. Token issuer is " +
token.getIssuer()
+ ", but URL from configuration is " + realmUrl (RSATokenVerifier.java)
I would like to implement a new feature: a new checkbox or something else
to realm settings page, which can switch off the above mentioned feature.
I've read that I should write an email here if I would like to implement
something. Is it ok, or how it works?
Br,
Matyi
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev