Problem upgrading with auth portion of URL now gone

1

I’m trying to upgrade from 16 to 18 but the /auth portion of the URL was removed. It’s going to be too much work to reconfigure all applications with the new URL so I tried a few things to work around it .

  1. /opt/keycloak/bin/kc.sh build --http-relative-path /auth - This didn’t work completely. Applications were still failing.

  2. I tried a few nginx rewrite rules but that also wasn’t successful. I’m not an nginx rewrite expert either.

What have other people done to successfully upgrade in this situation?

2

I suppose this is a runtime configuration, so you should use it /opt/keycloak/bin/kc.sh start --http-relative-path /auth.

You’ll know it works when you can access keycloak console at the <server>/auth/admin/console instead of the <server>/admin/console.

3

The way I have it setup right now with build --http-relative-path /auth, /auth works. The applications just don’t.

4

I just tried it now and it’s working. I’m not sure what’s different.

If someone knows how I can remove /auth without reconfiguring my applications, (using a rewrite or similar) please let me know.

5

This may help you if you have a nginx reverse proxy in front of keycloak: url rewriting - multiple django apps with nginx proxy_pass and rewrite - Stack Overflow

That would be:

location /auth/ {
    proxy_pass http://keycloak_server:8080/
}

Nginx will automatically replace the path fragment in the location directive with the fragment specified at the proxy_pass. In this case, replacing /auth for / as in /auth/realm/foo with /realm/foo