'Keycloak: CLIENT_INITIATED_ACCOUNT_LINKING_ERROR with invalid_token

We're having a Keycloak with the realm socialBetaTest when I try to initate the Client Initiated Account Linking with the following URL (link with twitter):

https://socialBeta.maio290.de/auth/realms/socialBetaTest/broker/twitter/link?client_id=frontend&redirect_uri=https://localhost:4200/&nonce=someString&hash=someHash

I am getting the following error in my KeyCloak stdout:

WARN  [org.keycloak.events] (default task-42) type=CLIENT_INITIATED_ACCOUNT_LINKING_ERROR, realmId=social, clientId=frontend, userId={properUserID}, ipAddress=x.x.x.x, error=invalid_token, redirect_uri=https://localhost:4200/, username={someEmailAddress}

What I notice here, they realm isn't the proper one, why is it called "social" and not "socialBetaTest"? And why is the token invalid, when it was issued (iss in the JWT) by socialBetaTest? Since we don't provide the token by any parameter, I guess it's reading the token out from the cookie and/or local storage.

Does anyone know how to fix this issue?



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source