Hello,
I am using jitsi with secure domain authentication, which uses jwt. I am using keycloak for authentication, but because jitsi’s jwt format is different, there is another layer called d3473r/jitsi-keycloak (Login to jitsi with keycloak, https://hub.docker.com/r/d3473r/jitsi-keycloak) which is used.
Here is my setup:
- AWS EC2 with jitsi running on MYDOMAIN_dot_com
- Another AWS EC2 running
  2.1) jitsi-keycloak (https://jk.MYDOMAIN_dot_COM)
  2.2) keycloak (https://auth.MYDOMAIN_dot_COM) and postgres inside separate docker containers
I created a client in the MASTER realm and a user (user1) in the MASTER realm. Everything works perfectly with this setup. When I access jitsi, it redirects to jk.MYDOMAIN.com, which presents the keycloak login screen. I use user1's credentials to log in and then I am able to use jitsi.
Now the problem starts when I DO NOT USE the MASTER realm. I read that you should not use the master realm and should create a separate realm instead. Therefore, I created a new realm (realm1). I created a new client inside this realm1 and a new user (jitsiuser1) inside this realm. The problem happens when I use this (NON-MASTER) realm. I get the error below:
Access to XMLHttpRequest at 'https://auth.MYDOMAIN.com/auth/realms/VC%20Realm/protocol/openid-connect/auth?client_id=vctestclient&state=e4bbde20-34e8-4d42-89ac-a1ac03724948&redirect_uri=http%3A%2F%2Fjk.MYDOMAIN.com%2Fapi%2Fconfig%3Fauth_callback%3D1&scope=openid&response_type=code' (redirected from 'https://jk.MYDOMAIN.com/api/config') from origin 'https://jk.MYDOMAIN.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.