skip to Main Content

Maybe I’m doing something wrong.

I’m running KeyCloak + MariaDB using docker, and docker-compose, and I also expose it to the web using nginx.

I have defined a Development realm and a UserApi client id.

Now I’m trying to test it using their web app.

When I press signin, it redirects me to the login page. But when I login and come back, I don’t see my first name and last name there.

I see this in browser console:

Access to XMLHttpRequest at ‘https://accounts.zoodexchange.com/auth/realms/Development/protocol/openid-connect/token’ from origin ‘https://www.keycloak.org’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

You can login using [email protected] as email and 100 as password.

I searched a lot, but I couldn’t find anything.

How can I configure CORS in KeyCloak?

2

Answers


  1. Chosen as BEST ANSWER

    Well, sometimes docs can be really misleading.

    I found that it's called Web Origins instead of CORS.

    It's located in client's setting and should be configured for each client separately.

    And according to help, you can simply write + to allow origins that are valid for redirection, which you might have specified a couple of fields above Web Origins. Or you can simply put * there to allow all origins.


  2. We need to do following things for keycloak latest UI

    1. Web Origin must be like "http://localhost:4200" and should not be "http://localhost:4200/" [extra slash will create problem]
    2. We need to add web origin in client scope as default.
    3. If we assign client scopes to role then we have to assign this role to user
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search