I try to use a shell script to login to a web application secured by Keycloak Gatekeeper. The login is working and the token handle shows the correct data. But when I do the "real" request the X-Auth-* headers are not existing, so the upstream application is not able to check the authorization.
# login
wget --save-cookies .cookie --keep-session-cookies -qO/dev/null --post-data='username=...&password=...' "$URL/oauth/login"
# verify the token data (correct)
wget --load-cookies .cookie -q -O- "$URL/oauth/token"
# request data (no X-Auth headers present)
wget --load-cookies .cookie -nv -O- "$URL/path/to/data"
When doing the login via the Code Flow via the browser the headers are set correctly.
X-Auth-*
headers are added to the requestfrom the gatekeeper to the upstream app
. You are checkinguser - gatekeeper
connection, so it is correct, that these headers are not there.