Re: [keycloak-user] Invalid parameter: redirect_uri behind reverse proxy

Hello, wWhen opening the admin console: https://keycloak.mysite.com/auth/admin/. The page is redirecting to: https://keycloak.mysite.com/auth/realms/master/protocol/openid-connect/au... But I get this message: Invalid parameter: redirect_uri It seems that keycloak doesn't like the https in the redirect. Can it be? My Keycloak is behind a reverse proxy. I setup the following tags in standalone.xml: <http-listener name="default" socket-binding="http" enable-http2="true" proxy-address-forwarding="true" redirect-socket="proxy-https"/> <socket-binding name="proxy-https" port="443"/> My reverse proxy is also setting headers: Host, X-Real-IP, X-Forwarded-For, X-Forwarded-Proto. Using tcpdump, I can see the following headers: GET /auth/resources/4.4.0.final/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2 HTTP/1.0 Host: keycloak.staging.waziup.io X-Real-IP: 18.195.197.182 X-Forwarded-For: 217.77.82.229, 18.195.197.182 X-Forwarded-Proto: http Connection: close User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://keycloak.staging.waziup.io/auth/resources/4.4.0.final/login/keycl... Cookie: _ga=GA1.2.823033289.1537866165; _gid=GA1.2.861449812.1537866165 Pragma: no-cache Cache-Control: no-cache Are they correct? Thanks a lot Corentin _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user