[keycloak-user] Frontend and backend on separate servers

Dmitry Telegin dt at acutus.pro
Wed Jul 18 11:55:40 EDT 2018

Hi Nikola,

On Fri, 2018-07-13 at 09:49 +0200, Nikola Malenic wrote:
> I would like to host backend on secured network, i.e. it would be
> accessible
> only from certain IPs.
> Frontend (Angular application) would be served by different server in
> public
> zone, which would have access to the secured network because requests
> from
> it's IP would be allowed to go through firewall.

I'm afraid that won't help you much since the actual requests to
Keycloak will originate from clients' browsers, not from your front-end 

Could you please elaborate on the problem you're trying to solve?

If you simply want your Keycloak in DMZ, but accessible from public
network (in a controlled way), how it is different from the standard
HTTP reverse proxy scenario?

Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training

Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

> Is it possible to achieve this in an easy way? I wouldn't like to
> implement
> proxy endpoints for all backend services in secured zone.
> Many thanks,
> Nikola
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list