[keycloak-user] Is it possible to pass the keycoak headers back to NGINX reverse proxy

Guy Bowdler guybowdler at dorsetnetworks.com
Tue Nov 8 13:22:23 EST 2016


We have an NGINX proxy in DMZ sending requests back to a Keycloak
Security Proxy protecting an app in trust.  We previously had this the
other way round with the keycloak proxy in front of NGINX and were able
to log the keycloak headers in the NGINX access logs.  

However, we've since had to reverse this situation and the browser only
seems to have the keycloak cookie, hence the NGINX reverse proxy can't
log the usernames any more.  Is there a way to make the nginx reverse
proxy aware of the keycloak headers? 

Ideally I'd prefer to get NGINX to redirect to keycloak, instead of the
keycloak security proxy but it's a bit beyond me at the moment. 



More information about the keycloak-user mailing list