Bob, Thanks for your quick response. I tried the following but it still doesn't work resources: - uri: /protected/* - uri: /* white-listed: true Now I get the following error message: [error] you've asked for a default denial but whitelisted everything Apparently it doesn't like me marking /* as white-listed. I tried reversing it and marking /protected/* as white-listed and that worked but I am trying to do the reverse of that. I want /* to not require auth, so I can tell people about the site, etc, and provide a link to the authenticated (login) area in /protected/* Thanks - Nick -----Original Message----- From: keycloak-user-bounces at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user> [mailto:keycloak-user-bounces at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of Bob Sheknowdas Sent: Wednesday, Jul 17, 2019 2:08 AM To: keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user> Subject: [keycloak-user] Gatekeeper container automatically adds /* uri resource? -----Original Message----- From: keycloak-user-bounces at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user> [mailto:keycloak-user-bounces at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of Nick Powersia Sent: Tuesday, July 16, 2019 7:55 PM To: keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user> Subject: [keycloak-user] Gatekeeper container automatically adds /* uri resource? *>>* Below is a snip from my Gatekeeper configuration, related to resources. I *>* only have /protected/* listed as a uri resource but loading the index at / *>* still initiates a login. I see from the logs (see below) that both *>* /protected/* and /* are being protected. How do I make it so only *>* /protected/* is a protected resource and the main /* of my site doesn't *>* require authentication? *>>* I was able to HACK (see below) it so that /* was only authenticated for a *>* single method (DELETE) by defining /* as a uri resource with just DELETE *>* listed under methods: but I would rather have a solution that works for all *>* methods. Is anyone aware of a way to tell gatekeeper not to authenticate *>* for /* and only do so for /protected/*? *>>* Thanks in advance! :) - Nick *>>* SNIP from my gatekeeper configuration: *>>* resources: *>* - uri: /protected/* *>>* LOGS showing both /protected: *>>* gatekeeper | {"level":"info","ts":1563319972.1478412,"msg":"protecting *>* resource","resource":"uri: /protected/*, methods: *>* DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication *>* only"} *>* gatekeeper | {"level":"info","ts":1563319972.1482553,"msg":"protecting *>* resource","resource":"uri: /*, methods: *>* DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication *>* only"} *>>* My HACK config: *>>* resources: *>* - uri: /protected/* *>* - uri: /* *>* methods: *>* - DELETE*