Hello,
We are struggling with FAPI2 setup …
Infra is simple: Tyk as gateway in front, with domain name web.baas-gateway.com, operating on port 8443 with a self-signed cert.
In the same Docker network there is a Keycloak as well.
The test page initiates a FAPI2 auth procedure.
Our PAR request is fine, the Keycloak login is fine and passes Tyk nicely, username and password are fine, and we receive a temporal token. The TOTP page appears, we enter a code, and when this code is called, we receive this error message from Tyk:
time="Oct 02 11:51:29" level=debug msg="Setting up Issuer: https://web.baas-gateway.com:8443/auth/realms/web" api_id=web-b2b-api api_name="Web B2B Gateway" mw=OpenIDMW org_id=1 origin=172.20.0.1 path=/api/totp/validate type=request
time="Oct 02 11:51:29" level=debug msg="--> Setting up client: web-banking with policy: 5f9a1b2c3d4e5f6a7b8c9d0e" api_id=web-b2b-api api_name="Web B2B Gateway" mw=OpenIDMW org_id=1 origin=172.20.0.1 path=/api/totp/validate type=request
time="Oct 02 11:51:29" level=warning msg="JWT Invalid" api_id=web-b2b-api api_name="Web B2B Gateway" error="Validation error. Validation error. Failure while contacting the jwk endpoint : Get \"\": unsupported protocol scheme \"\"" mw=OpenIDMW org_id=1 origin=172.20.0.1 path=/api/totp/validate type=request
Absolutely no idea how to extract more information or to get a clue what to set here.
The issuer https://web.baas-gateway.com:8443/auth/realms/web looks fine, and the gateway forwards all requests to Keycloak.
curl -k https://web.baas-gateway.com:8443/auth/realms/web/.well-known/openid-configuration
retrieves the information nicely, but Tyk still fails and we see no valuable logs telling us what to change …
Is anyone experiencing a similar issue?
Thank you in advance!