I have a tomcat 7 running with two web applications deployed , called ROOT and web client. I created a realm in keycloak and two applications. Configures tomcat with the correct json files. When I log in in Root it works fine, when I login in web client it works fine. But the following is the case. Both application are not owned by my , so I can not change the code. I login in ROOT, this application connects to web client through a rest call, this restcall results in a redirect to keycloak because I’m not logged in. the result of this is :

XMLHttpRequest cannot load https://keycloak-accdev.planoncloud.com/auth/realms/auth/protocol/openid-co…atorDataService&state=10%2Ff14baad8-c385-4221-b86a-0ac2f0cf8d6a&login=true. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://auth-proddev.planoncloud.com' is therefore not allowed access.

To the json file. And added the keycloak url to web origin of both apps in the keycloak manager, but still I got the same result. What do I do wrong? Please advice.