Kong Manager OIDC with Keycloak 2x login screens (Why should I enter my username twice?)

I’m testing the integration of Kong Manager with Keycloak for authentication using OIDC. The service works, but it feels a bit clunky. When I navigate to the Kong Manager page on http://localhost:8002/login, I’m presented with the Kong Manager Login screen, asking me to enter a username. I enter the username and am then directed to Keycloak, where I’m asked to enter a username (with a password this time).

With OIDC implemented, shouldn’t I only need to enter the username on the Keycloak login page?

My Kong config:

{
  "issuer": "http://keycloak.kong-keycloak.svc.cluster.local:8080/realms/master",
  "client_id": ["kong2"],
  "client_secret": ["**********redacted*********"],
  "consumer_by": ["username", "custom_id"],
  "ssl_verify": false,
  "consumer_claim": ["email"],
  "leeway": 60,
  "redirect_uri": ["http://localhost:8002/manager/overview"],
  "login_redirect_uri": ["http://localhost:8002/manager/overview"],
  "logout_redirect_uri": ["http://localhost:8002/manager/overview"],
  "logout_methods": ["GET", "DELETE"],
  "logout_query_arg": "logout",
  "scopes": ["openid", "profile", "email", "offline_access", "roles"],
  "auth_methods": ["authorization_code", "session"],
  "response_mode": "query",
  "authenticated_groups_claim": ["groups"],
  "admin_claim": "email",
  "admin_auto_create": true,
  "admin_auto_create_rbac_token_disabled": false
}

I managed to fix it simply by using a newer version of Kong.

I originally used image: kong/kong-gateway:3.5
I changed to: image: kong/kong-gateway:3.11.0.0

Now I have only one screen where I need to enter the username and password credentials:

Kong:

Redirects to Keycloak:
