node.js keycloak keycloak-connect

Keycloak denies access even for empty role


In a Node.js app I try to secure a page with keycloak.protect(), but after a successful login the app always responds with a 403 error.

Keycloak was configured this way:

Then I add the user Alice and successfully log in as that user when Keycloak asks for credentials, but then I get an Access denied page. I've set up a project where everything can be run with a single command, ./run.sh. I would appreciate any tips on how Keycloak should be additionally configured.

How can I set up Keycloak properly so that access will be allowed for an empty list of roles?


Solution

  • It was a docker<->keycloak-connect misunderstanding issue: keycloak-connect talks to Keycloak directly (without issuing redirects), and when that fails (it does, because the Keycloak container isn't accessible from the Node.js container through localhost) it issues an Access denied response.

    I specified the network_mode: host Docker setting for the Node.js container so that keycloak-connect can now access Keycloak internally.