Hi,

I've build an application which uses keycloak for security. To extend the passwordresetemail functionality in keycloak I have created an EmailProvider for keycloak

as a Wildfly module. This module performs (called by keycloak on a password reset request) a REST PUT operation on a Rest endpoint in my own application.

This gives me the possibility to store the resetlink generated by Keycloak in my database and use that resetlink in my custom email implementation.

So far not too complicated.

My development setup is a Tomcat 7 server for deployment of my application and a seperate Keycloak running inside Wildfly 9.

This works great.

But when deploying this to my Test environment where I deploy my application to WildFly instead of Tomcat the REST PUT operation fails with HTTP 403 error.

I´ve tried many spring security variations to provide access to the endpoint but no success.

Is there additional configuration I have to do when using REST endpoints in WildFly?

I really don't need any security on this endpoint, can I disable it somehow?

Thank you in advance.

Mark