a3e946e7cb
* KEYCLOAK-11728 New default hostname provider * Update server_admin/topics/threat/admin.adoc Co-Authored-By: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update server_admin/topics/threat/admin.adoc Co-Authored-By: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
14 lines
No EOL
788 B
Text
14 lines
No EOL
788 B
Text
|
|
=== Host
|
|
|
|
{project_name} uses the public hostname for a number of things. For example, in the token issuer fields and URLs sent in
|
|
password reset emails.
|
|
|
|
By default, the hostname is based on the request headers and there is no check to make sure this hostname is valid.
|
|
|
|
If you are not using a load balancer or proxy in front of {project_name} that prevents invalid host headers, you must
|
|
explicitly configure what hostnames should be accepted.
|
|
|
|
The Hostname SPI provides a way to configure the hostname for a request. The out of the box provider allows setting
|
|
a fixed URL for frontend requests, while allowing backend requests to be based on the request URI. It is also possible
|
|
to develop your own provider in the case the built-in provider does not provide the functionality needed. |