Hey folks,
Looks like Keycloak is not configured correctly. In when attempting to go to the console URL, the browser console shows this error= 'refused to frame ‘http://identity.mydomain.com’ because it violates the following content security policy directive: "frame-src ‘self’.
Mysetup - i’ve got cloudflare tunnel going to the same box which is publicly accessible at the problem URL ‘https://identity.mydomain.com’. Which targets keycloak.local (internal dns which points to same box). This is also configured to forward ‘keycloak.local’ as a host header which is then picked up by kubernetes ingress and forwards to keycloak service.
I’m not sure if i should modify the content security policy (which i dont know yet). Or if i’m missing some configuration point for keycloak regarding hostnames.
Any thoughts suggestions?