Using environment variable / properties in Redirect URIs

Greetings,

I am currently looking for a solution that is nearly identical to this Google Group question. Is there a way to do this? My use case is being able to dynamically update the “Root URL” for my Keycloak clients without having to make API calls to update clients and have Keycloak pick this up on restart. It seems like there is a Keycloak related property ${authBaseUrl} which could be potentially be abused for this purpose. Also, like the other poster, we are running Keycloak behind a proxy (Traefik) and exposing Keycloak on /auth path. Another option would be to “share” the path namespace with Keycloak with the apps and expose Keycloak over root / - since our applications wouldn’t need the required Keycloak paths like /admin, /realms, etc.

1. Feed Keycloak environment variable, e.g. something like KC_MY_APP_ROOT_URL on startup
2. Use this within the client definition just like ${authBaseUrl} is used in Keycloak related clients like account, e.g. ${myAppBaseUrl}
3. Use relative URL as usual, etc.
4. When Keycloak is restarted with a new value of KC_MY_APP_ROOT_URL it would pick that up without needing to do API calls to update Keycloak clients.

I know it’s what you said you didn’t want, but we ended up having to write scripting to use the API to populate all of these values (form env vars, some of them) on startup. We didn’t find any simpler way although that would be nice!

If it was something as simple as using an env var in a template or email, that would be easy!