I have problems setting up Keycloak for a project I do.
Keycloak is running on http://localhost:8180.
Thorntail server is running on http://localhost:8080/users which serves data for an
Angular frontend on http://localhost:4200/*. What I want to do is that a User can only see http://localhost:4200/sign-in without logging in. Once logged in they can access for example http://localhost:4200/list-user.
I was using this guide to set up Keycloak, but I'm not sure what I my Client settings should be. This is what I thought:
Root URL: http://localhost:4200/sign-in
*Valid Redirect URIs: http://localhost:4200/list-user
Base URL: http://localhost:4200/sign-in
Admin URL: http://localhost:8080
Somebody please explain the purpose of these settings as I struggle to understand.
Root url is just a value that will be used for relative paths resolving.
http://localhost:4200/sign-in/* (After login user could be redirected to any URI that matches pattern http://localhost:4200/sign-in/*)/ (Is not mandatory. Used when keycloak need to calculate application url by client_id only)/ (Used when Keycloak need to notify applications about revocation or when user logs out. For example when user logs out in application A if he has session in application B, Keycloak will send backchannel request to Admin URL of application B, so Application B will also flush user session in it)Check out docs and info badges in Admin Console