UPDATE: I even get 403 when there is no role requires, so I guess the problem is something else, but still any help is very much so appreciated.
Hey guys, new day new problem.
Now below you can see all my configurations, if you ask for something else I will also deliver that.
My problem is, even though I correctly set up my roles( realm roles), I have the correct keycloak config file and correct mapping, I still get access denied(403) on service/admin page and service/secured page. What can I do?
I believe the code is fine as well since itâs more or less the same with keycloakâs nodejs example.
Any help is appreciated.
Thanks so much for the reply, and no, I have discoreded that it is not just a role mapping problem, even when I change keycloak.protect(ârealm:adminâ) to keycloak.protect(), it still gives the same error.
What do you mean by âyou are authenticatedâ? If you are asking whether I have logined, yes I have(as user). Is there something else I should be doing?
I exactly have the same app, only changed port variable so I could deploy it onto IBM Cloud.
Anyway, I set up an access log on the server and saw ERR Could not obtain grant code: Error: self signed certificate error. Then I added process.env[âNODE_TLS_REJECT_UNAUTHORIZEDâ] = 0; in my code and it seems to be working.
That also needs to be in documentation I believe. I have lost so many hours working on this.
The ultimate blame is for applications and examples that promote the use of self-signed certificates. There is no gain in using these. Just take the time to get a proper certificate.
I, too, spent a few hours double-checking my initial express node app for typos and misunderstandings in an attempt to determine why the Keycloak.protected routes all would fail with Access Denied.
It would be helpful if the connection failure due to the client not accepting the self-signed certificate of the server (here Keycloak as the identity and authentication service) was reported in a more evident manner.
