[keycloak-user] CORS headers not sent issue

Tuesday, 4 October 2016

Hello

I have come across weird issue regarding CORS implementation in Keycloak (ver. 2.2.1 )

I have properly specified "Web Origins" settings in Admin Console for the OIDC
client. 
The problem is that the CORS headers (Access-Control-Allow-Origin) are not sent for all
the requests coming towards idp.example.com (Implicit Flow)

https://idp.example.com/auth/realms/test/.well-known/openid-configuration (CORS headers
are sent)

https://idp.example.com/auth/realms/test/protocol/openid-connect/certs (CORS headers are
not sent)

Is there something more to be configured in order to make Keycloak send CORS headers with
all the requests? Maybe a bug?

Curently I have added CORS headers on NGINX reverse proxy for this endpoint. (certs)

Any advice is appreciated :)

Tomas Grman

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

[keycloak-user] CORS headers not sent issue