Redirecting keycloak login page to domain

Hi everyone,

My shinyproxy is running on 8080 port, keycloak is running 8081 port and keycloak authentication works great.

I got a domain from IT department for my app and I configurated nginx file for reverse proxy. In terms of an example, I call the domain name as mydomain.com

Before reverse proxy, I defined the valid redirect urls as http://mydomain.com/* on administration console and then I configurated nginx file below as you can see.

server {
        listen                80;
        server_name           mydomain.com;
        rewrite     ^(.*)     https://$server_name$1 permanent;
}

server {

        listen                443;

        ## Add here your custom domain
        server_name mydomain.com www.mydomain.com;

        access_log            /var/log/nginx/shinyproxy.access.log;
        error_log             /var/log/nginx/shinyproxy.error.log error;

        ssl on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_certificate       /Certificates/sll.crt;
        ssl_certificate_key   /Certificates/ssl.key;

        location / {
            proxy_pass          http://127.0.0.1:8080;

            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_read_timeout 600s;

            proxy_redirect    off;
            proxy_set_header  Host             $http_host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header  X-Forwarded-Protocol $scheme;

        }
}

After reverse proxy, I can go to my app by using mydomain.com on browser and it shows me the login page but you will see following url below because of my nginx file.

http://...:8081/auth/realms/shinyproxy/protocol/openid-connect/auth?response_type=code&client_id=shinyproxy&redirect_uri=http%3A%2F%2Fmydomain.com%2Fsso%2Flogin&state=858f3a51-b2ba-499c-bef4-804170f2f82b&login=true&scope=openid

When I sign in the app, the domain redirects itself as mydomain.com and I can use my app.

I tried some codes on my nginx file but I’ve failed to redirecting login url. Is there any way to configurate the login page like mydomain.com/auth and when you sign in succesfully, you go from mydomain.com/auth (login page) to mydomain.com (your app).

In this case, what should I configurate my nginx file?

Thanks.

Hi Ekrem,

I think that you omitted to configure Base URL in Keycloak Client. It should be http://mydomain.com/. In case of problems put * in Web Origins.

Nginx setup looks fine to me.

Regards
Dusan

It didn’t work. :frowning: @dingo

Do I need two different domains for frontend url problem? For example,

  • App: app.mydomain.com
  • Keycloak: keycloak.mydomain.com

Or can I use one domain for both of them?

Two domains. I do not have any setup with one domein for ShinyProxy and Keycloak.