JWT Authorizer | Keycloak | Invalid issuer

Question

I am trying to configure keycloak as a JWT authorizer in HTTP API gateway but I am getting the below error.

The configured issuer URL is:
https://ec2-52-210-8-38.eu-west-1.compute.amazonaws.com:8443/realms/DUS

```
Invalid issuer: https://ec2-52-210-8-38.eu-west-1.compute.amazonaws.com:8443/realms/DUS. Issuer must have a valid discovery endpoint ended with '/.well-known/openid-configuration'
```
Knowing that I can access the ".well-konwn" configuration normally

https://ec2-52-210-8-38.eu-west-1.compute.amazonaws.com:8443/realms/DUS/.well-known/openid-configuration

Answer

The issuer URL must include the '/.well-known/openid-configuration' at the end.
https://auth0.com/blog/securing-aws-http-apis-with-jwt-authorizers/#:~:text=The-,Issuer%20URL,-is%20the%20base

JWT Authorizer | Keycloak | Invalid issuer

相关内容