Client error on keycloak token endpoint

See original GitHub issue

Hi

I tried to integrate django with keycloak openid by using this library. Unfortunately I got this message

400 Client Error: Bad Request for url: http://KEYCLOAK-IP/auth/realms/myrealm/protocol/openid-connect/token

Here is my sample settings in my django application

OIDC_RP_SIGN_ALGO = 'RS256'

OIDC_OP_JWKS_ENDPOINT = 'http://KEYCLOAK-IP/auth/realms/myrealm/protocol/openid-connect/certs'

OIDC_RP_CLIENT_ID = 'webapp'
OIDC_RP_CLIENT_SECRET = '29357c72-ed21-4a4c-a882-58194b63cb1f'


OIDC_OP_AUTHORIZATION_ENDPOINT = 'http://KEYCLOAK-IP/auth/realms/myrealm/protocol/openid-connect/auth'

OIDC_OP_TOKEN_ENDPOINT = 'http://KEYCLOAK-IP/auth/realms/myrealm/protocol/openid-connect/token'

OIDC_OP_USER_ENDPOINT = 'http://KEYCLOAK-IP/auth/realms/myrealm/protocol/openid-connect/userinfo'

I would be glad if someone could help me with this issue 😃.

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:4
  • Comments:10 (1 by maintainers)

github_iconTop GitHub Comments

4reactions
airen29commented, Dec 2, 2020

I’ve got a similar problem. Error was: Keycloak returns HTTP-400 "error":"invalid_grant","error_description":"Code not valid" I’ve solved this problem by setting Access Token Lifespan to higher numbers.

Then I’ve encoutered the problem, that Keycloak endpoint /token was on first attempt returning 200 OK but didn’t respond with access_token. On second attempt I’ve got 400 HTTP error. I’ve solved this problem thanks to adding * into web origin in Keycloak settings.

I hope this answer helps someone.

2reactions
surfer190commented, Nov 4, 2019

If you go to:

http://KEYCLOAK-IP/auth/realms/{realm}/.well-known/openid-configuration

All the endpoints are given. I’m testing this now though and will get back to you.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Securing Applications and Services Guide
The access token is digitally signed by the realm and contains access information (like user role mappings) that the application can use to ......
Read more >
[KEYCLOAK-3399] End session endpoint returns error ...
Go to Real Settings / Tokens 2. Configure "Access Token Lifespan" to 1 minute 3. Login as an user and save returned id_token...
Read more >
Accessing Keycloak Endpoints Using Postman
Authorization Server – issues an OAuth 2.0 token and delivers it to the client after authenticating the resource owner. OAuth 2.0 is a...
Read more >
Step by step guide using Keycloak
The IDP replies with the client ID and secret. Using the previous information, the developer (or your application) triggers a call to the...
Read more >
Create or list users did not work well. Responds "error"
Since it is unknown which version of keycloak you're trying to perform the api request, it might be something wrong with the payload...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found