Redirect from realm's hostname to account-console URL (a.k.a. realm's login form)

Hi,
I have a fast question.

POST LIMIT 2 URL
domain1 = keycloak.aaa.com
domain2 = sso.bbb.com

What to achieve:

  • user needs to change last name
  • user gets a URL like domain2
  • user clicks on the URL and gets the login form
  • user signs in
  • done

What is done:

  • Keycloak runs directly on a VM with a certificate from Certbot
  • Certificate has multiple domains like domain1, domain2
  • domain domain1 is the default for master realm
  • domain domain2 is for realm “bbb”

What does not work?
When the user uses the URL “domain2”, it does not show the realm’s login form;
instead, it redirects to the default domain with the master realm.

Question is…
How to make a redirect from the realm’s frontend URL like “domain2” to the account console like “domain2/realms/bbb/account”, e.g. “domain2/realms/master/protocol/openid-connect/auth…”?

It happens in the case of the MASTER realm.
Basically, when I type Keycloak’s default hostname like “domain1” into the browser, it redirects me to the login form on “domain1/realms/master/protocol/openid-connect/auth…”.

I just need the same redirect for a normal realm with “Frontend URL” set to “domain2”.

I tried the settings:
--hostname-strict false
--hostname-backchannel-dynamic true

I changed the client “account” attribute “Root URL” to “domain2”, and then the link to the URL “domain2/realms/bbb/account” started to work … but the redirect from “domain2” still does not work.

Google gives me crap and ChatGPT told me to use “Frontend URL”, but I don’t know why the redirect is not working.
It has already taken me 7 hours in two days, with no success.

I think nobody wants to send emails with a URL and a note saying “after you click the link, please change the word ‘master’ in the page URL to ‘bbb’ to make it work, thank you”.
OK, I can send the hostname with the complete path “domain2/realms/bbb/account”, but it just looks terrible, like an advertisement saying “sign in on domain3/realms/netflix/account” :(

Thank you very much.
