SKDragon18 commented on issue #11960: URL: https://github.com/apache/apisix/issues/11960#issuecomment-2647053344
i found solution, i use route with proxy-rewrite instead of authz-keycloak. The goal is for Access_Token to keep Issuer - the domain of Keycloak instead of returning Apisix's domain when encrypted. Curl like that: ``` curl -X PUT "http://127.0.0.1:9180/apisix/admin/routes/keycloak-authen"; \ -H "X-API-KEY: xxx" \ -H "Content-Type: application/json" \ -d '{ "id": "keycloak-authen", "uri": "/auth/token", "methods": ["POST"], "plugins": { "proxy-rewrite": { "regex_uri": ["/auth/token", "/realms/apisix_test_realm/protocol/openid-connect/token"] } }, "upstream": { "type": "roundrobin", "nodes": { "host.docker.internal:8080": 1 }, "scheme": "http", "pass_host": "rewrite", "upstream_host": "host.docker.internal:8080" } }' ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
