Hi,
I have deployed Keycloak Gatekeeper to Kubernetes using the Helm chart here:
https://hub.kubeapps.com/charts/gabibbo97/keycloak-gatekeeper/1.2.1
The configuration I used is:
--set listen=0.0.0.0:3000
--set discoveryURL=https://domain.com/auth/realms/manager
--set upstreamURL=http://up-domain.com:port
--set ClientID=manager
--set ClientSecret=$secret
--set rules={"uri=/*|roles=manager"}
--set droolsPolicyEnabled=false
My intended use case for Keycloak Gatekeeper is to use it to secure API
services.
1.) I imagine the flow will be like this: the Angular frontend (using the JS
Adapter) logs in the user.
2.) The Angular frontend receives a Bearer token from authentication.
3.) The Angular frontend sends the Bearer token to Keycloak Gatekeeper to
access the needed resources.
So far I have tested accessing the resource directly at 0.0.0.0:3000 via
kubectl port-forward, which worked fine. I was redirected to the login page
and then redirected to the resource after a successful login.
However, I tried mimicking my intended workflow via curl (similar to this:
https://medium.com/@vcorreaniche/securing-serverless-services-in-kubernet...
).
1.) I was able to get the access token and refresh token using:
curl -X POST \
'https://domain.com/auth/realms/manager/protocol/openid-connect/token' \
-H "Content-Type: application/x-www-form-urlencoded" \
-d 'username=manager1&password=<manager1_password>&grant_type=password&client_id=manager-service&client_secret=<secret>'
2.) I get an HTTP 307 Temporary Redirect when I try to access the
resource using:
curl -H 'Authorization: Bearer <access_token>' \
--proxy http://127.0.0.1:3000 http://up-domain.com/api/v1/manager \
-v
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3000 (#0)
> GET http://up-domain:port/api/v1/manager HTTP/1.1
> Host: up-domain:port
> User-Agent: curl/7.58.0
> Accept: */*
> Proxy-Connection: Keep-Alive
> Authorization: Bearer <TOKEN>
>
< HTTP/1.1 307 Temporary Redirect
< Content-Type: text/html; charset=utf-8
< Location: /oauth/authorize?state=8688edc1-f05d-49c5-ae33-f4f10605d8d8
My question: Is my intended workflow viable using Keycloak Gatekeeper? Or
did I do something wrong?
PS: My Keycloak version is 5.0, and I changed the image pulled by the
Helm chart above to 5.0.0 because 4.8.0.Final can't be found.
*Note: droolsPolicyEnabled is set to false since it was causing an issue
when starting Keycloak.
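A check worth doing before debugging the proxy itself: decode the access token returned by the password grant and confirm it actually carries what the Gatekeeper rule `uri=/*|roles=manager` asks for. The script below is an added example, not code from the original post or from the Keycloak Gatekeeper project. It assumes the documented rule convention that a bare role name is a realm role and `client:role` is a client role, it decodes the payload without verifying the signature (a debugging aid only; Gatekeeper verifies the signature against the realm keys before it looks at claims), and the token it inspects is constructed inline with made-up claims. It also surfaces `azp` and `aud`, since the token in the post is issued to client `manager-service` while Gatekeeper is configured with `ClientID=manager`, which is something to look at when a token is unexpectedly rejected.

```python
"""Inspect a Keycloak access token against a Gatekeeper-style resource rule.

Added example, not from the original post or the Gatekeeper project. The JWT
payload is decoded WITHOUT signature verification, so this is for debugging
only, never for authorization decisions. All token data below is constructed.
"""
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    """Base64url-decode a JWT segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    """Base64url-encode without padding, as JWT segments are written."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def decode_payload(token: str) -> dict:
    """Return the claims of a compact JWS (header.payload.signature). No verification."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))


def parse_rule(rule: str) -> dict:
    """Parse a rule such as 'uri=/*|roles=manager,account:view-profile'."""
    fields = dict(kv.split("=", 1) for kv in rule.split("|"))
    roles = [r for r in fields.get("roles", "").split(",") if r]
    return {"uri": fields.get("uri", "/"), "roles": roles}


def token_roles(claims: dict) -> set:
    """Flatten realm roles ('name') and client roles ('client:name').

    Assumed naming follows the Gatekeeper rule convention described in the lead-in.
    """
    roles = set(claims.get("realm_access", {}).get("roles", []))
    for client, access in claims.get("resource_access", {}).items():
        roles.update(f"{client}:{r}" for r in access.get("roles", []))
    return roles


def check_token_against_rule(token: str, rule: str, now=None) -> dict:
    """Report which required roles the token carries, which are missing, and expiry."""
    claims = decode_payload(token)
    required = parse_rule(rule)["roles"]
    have = token_roles(claims)
    missing = [r for r in required if r not in have]
    now = time.time() if now is None else now
    expired = claims.get("exp", 0) <= now
    return {
        "azp": claims.get("azp"),  # client the token was issued to
        "aud": claims.get("aud"),  # intended audience(s)
        "roles": sorted(have),
        "missing_roles": missing,
        "expired": expired,
        "ok": not missing and not expired,
    }


def make_demo_token(claims: dict) -> str:
    """Constructed, unsigned token in the Keycloak claim layout (example data only)."""
    header = b64url_encode(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{body}."


# Constructed claims shaped like what a password grant for user manager1
# against client manager-service might return; values are made up.
DEMO_CLAIMS = {
    "exp": 2_000_000_000,
    "azp": "manager-service",
    "aud": "account",
    "realm_access": {"roles": ["manager", "offline_access"]},
    "resource_access": {"account": {"roles": ["view-profile"]}},
}
DEMO_TOKEN = make_demo_token(DEMO_CLAIMS)

if __name__ == "__main__":
    # With a real token: check_token_against_rule(open("token.txt").read().strip(), rule)
    print(json.dumps(check_token_against_rule(DEMO_TOKEN, "uri=/*|roles=manager"), indent=2))
```

Run it with a real access token pasted in place of `DEMO_TOKEN` to see whether `manager` is present under `realm_access.roles`, whether the token has already expired by the time the request reaches the proxy, and which client (`azp`) it was issued to.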