The keycloak auth config is not work

I followed the document of Authentication - Turn-key research data management repository to setup the invenioRDM,but it doesn’t work.

The config of my project is below:

  1. The invenio.cfg:
# Invenio-Accounts-Keycloak
# ----------------
# See
from invenio_oauthclient.contrib.keycloak import KeycloakSettingsHelper

helper = KeycloakSettingsHelper(
    title="SJTU scidata",
    description="Keycloak Authentication Service",

OAUTHCLIENT_KEYCLOAK_VERIFY_EXP = True  # whether to verify the expiration date of tokens
OAUTHCLIENT_KEYCLOAK_VERIFY_AUD = True  # whether to verify the audience tag for tokens
OAUTHCLIENT_KEYCLOAK_AUD = ""  # probably the same as the client ID

    "keycloak": helper.remote_app,

    "consumer_key": "",
    "consumer_secret": "3d61f612-ea56-487e-9306-5401faa6a4e7",

# Invenio-OAuthclient
# -------------------
# See

#OAUTHCLIENT_REMOTE_APPS = {}  # configure external login providers

from invenio_oauthclient.views.client import auto_redirect_login
ACCOUNTS_LOGIN_VIEW_FUNCTION = auto_redirect_login  # autoredirect to external login if enabled
OAUTHCLIENT_AUTO_REDIRECT_TO_EXTERNAL_LOGIN = True  # autoredirect to external login
  1. The keycloak setting:

The error code:

  1. After I login with keycloak, the invenioRDM page occurs: Internal server error;
    the logs of web-ui is :
Traceback (most recent call last):
  File "/usr/lib/python3.9/urllib/", line 1346, in do_open
    h.request(req.get_method(), req.selector,, headers,
  File "/usr/lib/python3.9/http/", line 1279, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.9/http/", line 1325, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.9/http/", line 1274, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.9/http/", line 1034, in _send_output
  File "/usr/lib/python3.9/http/", line 974, in send
  File "/usr/lib/python3.9/http/", line 1441, in connect
  File "/usr/lib/python3.9/http/", line 945, in connect
    self.sock = self._create_connection(
  File "/usr/lib/python3.9/", line 823, in create_connection
    for res in getaddrinfo(host, port, 0, SOCK_STREAM):
  File "/usr/lib/python3.9/", line 954, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name or service not known

2.When I change the Valid Redirect URIs in keycloak as I even can’t open the keycloak sign in page. The error code is: Invalid parameter: redirect_uri

sorry for the late answer. Is your reachable from the node running InvenioRDM?

Feel free to join our Discord chat, it might easier to exchange there. is reachable from my InvenioRDM instance. By the change of redirect uri, it doesn’t show the error. But I still can’t receive any info from keycloak server, maybe there is somethind wrong in the setting of keycloak server.

Because the restrictions of region in Discord, I haven’t use it before. I will try to getting help from it, thank you.