You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In multi-tenant mode, the logic for resolving instances in the keycloak-multitenant.service.ts has a flaw. When resolveAlways is enabled, the existing instance is not correctly updated with the new configuration (authServerUrl, secret).
More precisely the keycloak.grantManager resulting in errors: Cannot validate access token: Error: Grant validation failed. Reason: invalid token (wrong ISS) even when resolveAlways config is set to true
Steps to Reproduce
Enable multi-tenant mode.
Set resolveAlways to true.
Observe that the instance is not updated properly with the latest configuration.
Expected Behavior
When resolveAlways is enabled, the existing instance should be updated with the new authServerUrl and secret.
Actual Behavior
The existing instance is not updated correctly, leading to outdated configurations.
The text was updated successfully, but these errors were encountered:
Issue Description
In multi-tenant mode, the logic for resolving instances in the
keycloak-multitenant.service.tshas a flaw. WhenresolveAlwaysis enabled, the existing instance is not correctly updated with the new configuration (authServerUrl,secret).More precisely the
keycloak.grantManagerresulting in errors:Cannot validate access token: Error: Grant validation failed. Reason: invalid token (wrong ISS)even whenresolveAlwaysconfig is set totrueSteps to Reproduce
resolveAlwaystotrue.Expected Behavior
When
resolveAlwaysis enabled, the existing instance should be updated with the newauthServerUrlandsecret.Actual Behavior
The existing instance is not updated correctly, leading to outdated configurations.
The text was updated successfully, but these errors were encountered: