We're running our application on Openshift Online.
Of course it is secured by keycloak running in the same gear.
The openshift webconsole offers the possibility to import the
but when trying to access the application it throws the following error.
ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default
task-48) failed to turn code into token:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
What do I have to do to enable keycloak to find the stuf it needs?
Hello , i wan't to create CRUD using KeyCloak , i have an angularJS
application and it's use KeyCloak
My case is : i have screens in my application that contain sub screens and
every sub screen contain CRUD roles (CREATE , READ , UPDATE , DELETE) ,
it's may contain multi levels
the screenshot may make the case more clear
the normal client roles is not enough for me or maybe i miss understand
could you please help me how to create these roles in KeyCloak , or if
KeyCloak is support roles like this or if there is any other way to create
737 Walker Rd Ste 3, Great Falls, VA 22066
t: 443.333.4100 | f: 443.333.4101
The information transmitted is intended only for the person(s) to whom it
is addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking of any
action in reliance upon, this information by persons or entities other than
the intended recipient is prohibited. If you received this in error, please
contact the sender and delete the material from any computer.
Does anyone have experiences with Keycloak 1.9 in an Apache2 reverse
In my test setup I am running Keycloak as a standalone service on port
8080. It is proxied behind an Apache HTTP Server that manages the SSL
communication and forwards requests to localhost:8080. The Apache side
of the proxy is working. However, the administration console web page
(auth/admin/master/console/) still contains plain http://... links
(should be: https://) to the JS components which, of course, is invalid.
Obviously the Keycloak service does not see (or ignores) the X-Forwarded
Am I missing something here?
I just downloaded the 1.9.0 final release, started the standalone server, created the initial admin user account and then tried to log in the admin console. I got the following error at that point:
Failed client authentication: org.keycloak.authentication.AuthenticationFlowException: Client was not identified by any client authenticator
The web page kept loading and the server had a lot of instance of the error above. I couldn’t go any further. What did I miss?
I need to add Active Directory attributes to the SAML assertion. Is there documentation on how to do this? Specifically I need to add givenName and sn to the assertion that already has the email attribute.
I was wondering if there would be an objection to change the default max number of users shown in the users overview screen in the base Keycloak admin theme? Manage - Users now shows a maximum number of 5 users per ‘page’. I think this is really low and hard to work with if, like us, you will have thousands of users in the system. We would like to have this default max number set to something, which I think seems more sensible, like 20.
It is set in the users.js JS (UserListCtrl) in the base Keycloak admin theme so I know that we can override this file and set our own default but we really do not want to do this as we want to use the default Keycloak admin console at this stage.
Ok if I create a JIRA feature request issue for this?