Re: [keycloak-user] Token audience doesn't match domain.

I have my keycloak 1.6.1-final cluster running behind a Netscaler that terminates the SSL connections, therefore communication from the Netscaler to Keycloak is http but from the Internet to the Netscaler is https. We’ve managed the rewrites so that logging in works however we’re now getting an error that the token audience doesn’t match the domain because the issuer is http://keycloakserver but the URL from configuration is https://keycloakserver. Is there a way to make this configuration work? When the error says “URL from configuration” does it mean the java app configuration or the Keycloak configuration? Thank you. *** This communication has been sent from World Fuel Services Corporation or its subsidiaries or its affiliates for the intended recipient only and may contain proprietary, confidential or privileged information. If you are not the intended recipient, any review, disclosure, copying, use, or distribution of the information included in this communication and any attachments is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this communication and delete the communication, including any attachments, from your computer. Electronic communications sent to or from World Fuel Services Corporation or its subsidiaries or its affiliates may be monitored for quality assurance and compliance purposes.*** _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user