Skip to main content
Skip table of contents

Configuring a Reverse Proxy Server

The following configuration must be done on the reverse proxy server itself, specifically on the HTTP server that is responsible for proxying (e.g., Apache or NGINX).

1. Set the following HTTP headers:

  • X-Forwarded-For

  • X-Forwarded-Proto

  • X-Forwarded-Host

Note:

If these headers are not configured correctly, security problems occur. For more information, see the Keycloak documentation (http://www.keycloak.org) in the chapter on using reverse proxy servers.

2. Enable the endpoints that should be available from the outside.

This setting depends on the requirements of the users and the security preferences of the administrator.
Example: The access to the Keycloak Administration Console is not available by default. Explicit forwarding rules must be created for access.

The following figures show a sample configuration for the Apache HTTP server:

Header settings in Apache

Example for routing rules in Apache

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close