OIDC Issue: URI+with+undefined+scheme

For some time now, I have been trying to get OpenID Connect to work with my login portal. Previously I was working with LogTo, but I’ve planned to use Keycloak now.

When I log in via OpenID Connect on my Penpot instance, the login screen from Keycloak does appear with no issue, but after logging in the following path is returned:
/#/auth/login?error=unable-to-auth&hint=URI+with+undefined+scheme

I’m not sure how to go about fixing the undefined scheme issue.


Setup

Environment variables set up in docker-compose.yml:

      - PENPOT_OIDC_CLIENT_ID=REDACTED
      - PENPOT_OIDC_CLIENT_SECRET=REDACTED
      - PENPOT_OIDC_BASE_URI=https://REDACTED/realms/Wormhole/.well-known/openid-configuration
      - PENPOT_OIDC_AUTH_URI=https://REDACTED/realms/Wormhole/protocol/openid-connect/auth
      - PENPOT_OIDC_TOKEN_URI=https://REDACTED/realms/Wormhole/protocol/openid-connect/token
      - PENPOT_OIDC_USER_INFO_SOURCE=https://REDACTED/realms/Wormhole/protocol/openid-connect/userinfo
      - PENPOT_OIDC_NAME_ATTR=username
      - PENPOT_OIDC_EMAIL_ATTR=email

Both enable-login-with-oidc and enable-oidc-registration are enabled for frontend and backup of this Penpot instance.

Keycloak setup:

  • Valid Redirect URL: https://REDACTED/api/auth/oauth/oidc/callback
  • Client Authentication (Enabled)
  • Authorization (Enabled)
  • Authentication Flow:
    • Standard Flow (Enabled)
    • Direct Access Grants (Enabled)
    • Implicit Flow (Enabled)
    • Service Accounts Roles (Enabled)
    • OAuth 2.0 Device Authorization Grant (Disabled)
    • OIDC CIBA Grant (Disabled)