Keycloak CORS issue when being redirected to login

Question

I am trying to get the nodeJS keycloak adapter working with my Express application, but am facing a CORS issue when it tries to redirect to the login page for routes I have

Answer 1

I am also working on this issue with mindparse.

I think the key issue here is that the keycloak server is not responding with any ACCESS-CONTROL-ALLOW-ORIGIN headers despite the fact that he has correctly configured the "web Origins" setting in the keycloak admin portal.

A more in depth flow of the process is:

1. The user attempts to call a keycloak secured route on a node express server
2. Keycloak middleware detects that the user is not authenticated and responds to the request with a 302 (redirect) to a custom login page hosted by the keycloak server.
3. The browser sends an OPTIONS request to the keycloak server to check if it is because it is a cross origin request.
4. The keycloak servers response DOES NOT include the ACCESS-CONTROL-ALLOW- ORIGIN header to tell the browser that it has permission to make this request.
5. The browser then reads this response and therefore does not make the follow up request because it did not pass the access control allow origin checks

Answer 2

Just put the url of your app like "http://localhost:8081" in "Web Origins" field of client settings in Keycloak.

Answer 3

I had the exact same problem. I am using Keycloak 6.0.1

In my case, I had to add "enable-cors": true in keycloak.json in my Java backend server.

Afterward, I had another issue: 401 UNAUTHORIZED. This post solved the problem