Securing Token Endpoint by Client IPs

Securing applications

DixonLCK June 29, 2022, 7:23am 1

Hi Experts,

On KC token endpoint (/auth/realms/xxx/protocol/openid-connect/token), how do I apply IP whitelist for the client that are allow to access it?

Dixon

weltonrodrigo June 30, 2022, 5:28pm 2

Hi, this is not possible out of the box with Keycloak, but take a look at Limit login of a specific users from whitelist IP address for a look into how you could write a SPI to do that.

Topic		Replies	Views	Activity
Securing the built-in admin-cli client	3	1176	February 23, 2021
How to allow refresh_token based user ip? Getting advice admin-console , authentication , oidc	0	35	July 10, 2024
How to Restrict Token Generation Based on User-Client Access in Keycloak Getting advice	2	541	November 22, 2023
Limit login of a specific users from whitelist IP address Getting advice authentication	17	9669	October 8, 2021
Authorization - skip based on IP Address / hostname Securing applications	0	546	July 25, 2022