Hi all,

I have Keycloak and Angular app behind IIS/Application request router/URL Rewrite configuration located in let's say for example https://server.com. Keycloak has proxy-address-forwarding set to true, and if logging in to the application with Keycloak user everything works alright.
The problem occurs when defining Azure AD as an identity provider. After initiating login process, keycloak should redirect request to https://login.microsoft.com/tenantid/xxxx, but instead request is routed to https://server.com/tenantid/xxxx which obviously is not the right address.

X-Forward-For and X-Forward-Proto are set in IIS.

Any help/ideas are appreciated.