-
Epic
-
Resolution: Obsolete
-
Minor
-
None
-
None
-
None
-
False
-
None
-
False
-
If Release Note Needed, Set a Value
-
Set a Value
We might need to provide support for Keycloak dealing with environment variables in order to allow fine-grain and customizable configuration for Identity Broker, Clients, etc...
Example use-case:
- Identity Broker support for expression variables to allow multiple "Relative URLs"
For example, a customer has 2 realms and wants to access them this way: - The "realmA" and "realmB" are always running on same host- - The host is accessible on different URLs like "alias1.foo.com" and "alias2.foo.com" - When customer initiates login by access to "https://alias2.foo.com/auth/realms/b/account", then it wants that identity broker will also use "https://alias2.foo.com/auth/realms/realma/protocol/openid-connect/auth" . And vice-versa for "alias1.foo.com" Keycloak currently doesn't support this use-case for identity brokering to work with "Relative URLs". This would mean that the "Authorization Endpoint" for Identity provider will be specified with the value "/auth/realms/realmA/protocol/openid-connect/auth" . Keycloak will then translate this "relative URL" in runtime according to used host.
- links to