I'm developing an architecture where my Angular front end connected to a Spring Boot back end and the front end is accessible via NGINX.
Before accessing to my application, the user must be authenticated.
I use Keycloak as Identity manager and keycloak-gatekeeper as a proxy oauth that verify whether the user is authenticated or not.
After a successful authentication, gatekeeper redirects (and sends headers with identity information such as : username, email, roles ...) to my front which is a single page that call the spring boot API to retrieve the information based on the logged user and its role.
The problem is : the API doesn't receive any of these headers sent by the Gatekeeper.
I did several test to know where exactly i loose the headers and i found that when i connect the Gatekeeper directly with the API, the API receives all the headers but when i add the angular app in between, the back end receive only standards headers like : host, x-real-ip,x-forwarded-for, access-control-allow-origin ...)
It seems like the front generate a new request -with default headers- to the back and lost the other headers.
How can i preserve those headers so that my API receive them all ?
Here is a picture with my architecture :
Thank you all for the help