Many edges. Invalid token issuer

7/19/2019

I'm running a Spring app on Kubernetes. The app is authenticated via Keycloak (also running on k8s).

The problem is that when Kubernetes has more than one edge node configured, I can connect only from the node which is configured in keycloak.auth-server-url in the Spring app. On the other edge nodes I'm getting an Invalid token issuer error. Do you know any solution for that problem?

-- skoczo
keycloak
kubernetes
spring

1 Answer

7/22/2019

Remember that first, during Keycloak configuration, you have to create a new client with the name persons-app, specific to the application. You can do that under Clients in the left column and then clicking Create.

Then the proper redirect URL needs to be configured.

After setting up the proper client, a new role user is added to Keycloak. This role can later be assigned to individual users in order to define appropriate access policies.

The last thing you have to do is create an actual user and assign the newly created role to that user. This can be done by clicking Add User on the Users page.

Next, you have to set a password for the user. In this example, it is the standard password for example projects (i.e. password).

Roles of a user can be managed under the tab Role Mappings. You have to add the role user to Assigned Roles.

That's it. Keycloak is now ready to be used and already has a very (very) small user base. Now you can proceed to the actual application, which should be secured.

Remember that in order to store relevant information and configuration, a PostgreSQL database must be set up first.

You can find more information here: spring-keycloak.

-- MaggieO
Source: StackOverflow
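
The issuer comparison behind the error in the question, as an added example (not code from the thread, from Keycloak or from its Spring adapter): the application builds the issuer it expects from keycloak.auth-server-url plus the realm name and compares it with the iss claim of the token. The sketch assumes a Keycloak server that fills iss from the hostname the login request arrived on; the edge hostnames, the realm name demo and all function names are assumptions, and the tokens are constructed and unsigned.

```python
import base64
import json

# Constructed scenario: two edge nodes, the app is configured with the first one.
EDGES = ["https://edge1.example.test", "https://edge2.example.test"]
REALM = "demo"                          # assumed realm name
AUTH_SERVER_URL = EDGES[0] + "/auth"    # value of keycloak.auth-server-url

def _b64url(obj: dict) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_sample_token(issuer: str) -> str:
    """Constructed token with a dummy signature, for the demonstration only."""
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"iss": issuer, "sub": "demo-user"}
    return ".".join([_b64url(header), _b64url(claims), "dummy-signature"])

def token_issuer(token: str) -> str:
    """Read the iss claim WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))["iss"]

def expected_issuer(auth_server_url: str, realm: str) -> str:
    """Issuer the application expects: <auth-server-url>/realms/<realm>."""
    return f"{auth_server_url.rstrip('/')}/realms/{realm}"

def check_issuer(token: str, auth_server_url: str, realm: str):
    expected = expected_issuer(auth_server_url, realm)
    actual = token_issuer(token)
    if actual == expected:              # exact string match, host included
        return True, "issuer ok"
    return False, f"issuer mismatch: expected '{expected}', got '{actual}'"

def acceptance_by_edge() -> dict:
    """For each edge node used at login, does the app accept the token?"""
    return {edge: check_issuer(make_sample_token(f"{edge}/auth/realms/{REALM}"),
                               AUTH_SERVER_URL, REALM)[0] for edge in EDGES}

if __name__ == "__main__":
    for edge, ok in acceptance_by_edge().items():
        print(edge, "accepted" if ok else "rejected")
```

Running token_issuer on a real access token from each edge node and comparing the result with expected_issuer shows which hostname the tokens are being issued under.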