Recently, I had to produce a docker compose file to share a demo of a React + Spring Boot app using Keycloak.
The setup is pretty straightforward.
However, some Keycloak / OpenID specifics make this setup invalid when the Spring Boot application tries to validate the token.
The URL the frontend application uses to reach Keycloak is different from the one the Spring Boot application uses to connect to it within the Docker network:
That leads to the following exception:
To solve this issue, I had to add the following proxy-url setting to the Keycloak config of the Spring Boot application:
- keycloak.auth-server-url=http://localhost:8080/auth
- keycloak.proxy-url=http://keycloak:8080/auth
- keycloak.realm=demo
- keycloak.resource=demo-client
- keycloak.public-client=true
- keycloak.principal-attribute=preferred_username
- keycloak.use-resource-role-mappings=true
- keycloak.enabled=true
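Why the two URLs clash, as an added example that is not code from the original post: it assumes the failure is the adapter's issuer check, where the token's iss claim (built from the URL the browser used) must equal auth-server-url + /realms/ + realm. The helper names and the sample token are constructed for illustration, and signature verification is deliberately left out, so this is a diagnostic and not a token validator.

```python
import base64
import json


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(issuer: str) -> str:
    """Constructed sample token with a placeholder signature (real ones are signed)."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"iss": issuer, "azp": "demo-client"}).encode())
    return f"{header}.{payload}.constructed-signature"


def token_issuer(token: str) -> str:
    """Read the iss claim from the payload segment without verifying anything."""
    payload_b64 = token.split(".")[1]
    padded = payload_b64 + "=" * (-len(payload_b64) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))["iss"]


def expected_issuer(auth_server_url: str, realm: str) -> str:
    """Issuer the backend expects, derived from its configured auth-server-url."""
    return f"{auth_server_url.rstrip('/')}/realms/{realm}"


def diagnose(token: str, candidate_urls: list[str], realm: str) -> dict[str, bool]:
    """For each candidate auth-server-url, would the issuer check pass?"""
    actual = token_issuer(token)
    return {url: expected_issuer(url, realm) == actual for url in candidate_urls}


# The browser logged in through localhost, so Keycloak stamped that host into iss.
BROWSER_TOKEN = make_sample_token("http://localhost:8080/auth/realms/demo")

if __name__ == "__main__":
    result = diagnose(
        BROWSER_TOKEN,
        ["http://keycloak:8080/auth", "http://localhost:8080/auth"],
        "demo",
    )
    for url, ok in result.items():
        print(f"auth-server-url={url}: issuer check {'passes' if ok else 'FAILS'}")
```

Only the value that matches the browser-facing URL passes, which is why auth-server-url stays on localhost in the configuration above while the container-to-container address goes in a separate setting.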