Is it possible to disable https requirement for OIDC Authority? #2449
Unanswered
cristiz1992
asked this question in
Help
Replies: 1 comment
-
|
Hi! Currently, no, this setting isn't exposed by Seq. Running a separate reverse proxy with regular TLS, which forwards to KeyCloak and authenticates with mTLS, might be a workaround (and would maintain some security around the endpoint, which seems worthwhile). Let me know if this sounds promising. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Is it possible to disable https requirement for Authority URI when using OIDC?
I'm using mTLS to protect Seq and Keycloak endpoints. The side effect is that the openid configuration endpoints are no longer available.
Endpoints like https://example.com/keycloak/realms/services/.well-known/openid-configuration are inaccessible due to mTLS.
I was thinking of using the internal url of kubernetes http://keycloak.keycloak-system.svc.cluster.local/keycloak/realms/services to setup the OIDC Authority in Seq, but this causes the following error when trying to save:
System.InvalidOperationException: The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false.
Beta Was this translation helpful? Give feedback.
All reactions