Re: [keycloak-user] Securing keycloak
This documentation piece should do exactly what you want:
https://www.keycloak.org/docs/latest/server_admin/index.html#ip-restriction
On Sun, Sep 16, 2018 at 10:25 AM GARDAIS Ionel <
ionel.gardais(a)tech-advantage.com> wrote:
Hi list,
Beside /auth/admin, are there any other URI that should be
secured/restricted to limit attack surface for a public facing keycloak ?
By the way, could it be useful to add a dedicated configuration entry
directly inside keycloak to restrict IPs allowed to make to low-level
actions ?
Thanks,
Ionel
--
232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON
Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832
301_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user