search

mauriciovigolo / keycloak-angular

Easy Keycloak setup for Angular applications.
MIT License
730 stars 280 forks source link

Unwanted GET request for {config.url}/realms/{config.realm}/account on init #513

Open rasiaq opened 1 year ago

rasiaq commented 1 year ago

Bug Report or Feature Request (mark with an x)

- [ x] bug report -> please search for issues before submitting
- [ ] feature request

Versions.

14.0.0

Repro steps.

Here is my Keycloak config:

    return keycloak.init({
      config: {
        url: https://foo.com;
        realm: bar;
        clientId: bar;
      },
      initOptions: {
        onLoad: 'login-required',
        silentCheckSsoRedirectUri: window.location.origin + '/assets/silent-check-sso.html',
        redirectUri: window.location.href,
        pkceMethod: 'S256',
      },
    });

It seems like on startup, Keycloak performs GET request to https://foo.com/realms/bar/account. When I checked Initiator in devtools in browser it points to keycloak.init. For me, this is an undesirable action, because I cannot handle this HTTP request in any way. \ I could not find any information about this in documentation nor in code, so I don't know if it's normal behavior or a bug.

Desired functionality.

Do not perform this request if it's not necessary

Zachar543 commented 10 months ago

I ran into the same thing.

This request is coming from keycloak-js when trying to load the user's profile.

Not idea, but I was able to get around it by adding loadUserProfileAtStartUp: false, to the keycloak.init() call and avoiding parts of the library that would cause it to load the profile (e.g. keycloak.loadUserProfile()).

For context, I'd rather not have the account management page accessible to users and they share the same URL.