[keycloak-dev] Invalid value for iss
Stian Thorgersen
stian at redhat.com
Wed Mar 25 10:07:33 EDT 2015
According to the spec 'iss' should be:
REQUIRED. Issuer Identifier for the Issuer of the response. The iss value is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components
However, we only use realm name. As that's invalid according to the spec (and also the same iss used for multiple KC servers) I propose we change it to:
<AUTH URL>/realms/<REALM-NAME>
For example:
http://localhost:8080/realms/master
More information about the keycloak-dev
mailing list