HTTP 403: Ip Forbidden error when authenticating against Keycloak server

Hi,

I’m new to Jupyterhub and I’m trying to configure it to use a Keycloak server for authentication.

This is my config.yaml:

proxy:
  secretToken: "<secret token>"
  service:
    loadBalancerIP: <ip address>
    
hub:
  config:
    Authenticator:
      auto_login: true
      enable_auth_state: true
    CryptKeeper:
      keys:
        - <key>
    GenericOAuthenticator:
      client_id: s2r-jupyterhub
      client_secret: <client secret>
      oauth_callback_url: http://<ip address>/hub/oauth_callback
      authorize_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/auth
      token_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/token
      userdata_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/userinfo
      login_service: keycloak
      username_key: preferred_username
      userdata_params:
        state: state
    JupyterHub:
      authenticator_class: generic-oauth

However, after being directed to Keycloak then logging in and being redirected back to Jupyterhub, I am receiving this error:

image1899×863 19.7 KB

The hub log says this:

image1919×338 33.4 KB

Any help or pointers would be greatly appreciated

This was an issue on Keycloaks side, needed to add an entry to the firewall for the application.