Help with adminAuth config for OpenID based authentication

I have this working with:

adminAuth: {
    type: "strategy",
    strategy: {
        name: "Keycloak",
        label: 'Sign in with KeyCloak',
        icon: "fa-key",
        strategy: require("@exlinc/keycloak-passport"),
        options: {
            host: "https://nodered.example.com",
            realm: "myRealm",
            clientID: "node-red",
            clientSecret: "761a35f4-f2bf-48ee-b2cb-999351d0242f",
            callbackURL: "/auth/strategy/callback",
            authorizationURL: "https://auth.example.com/auth/realms/myRealm/protocol/openid-connect/auth",
            tokenURL: "https://auth.example.com/auth/realms/myRealm/protocol/openid-connect/token",
            userInfoURL: "https://auth.example.com/auth/realms/myRealm/protocol/openid-connect/userinfo"
        },
        verify: function (accessToken, refreshToken, profile, done) {
            done(null, profile);
        }
    },
    users: [
        { username: "me@example.com", permissions: ["*"] }
    ]
},

and Keycloak settings of:

Note the http and not https in the redirect URL, as node-red was sending a redirect_uri of

https://auth.example.com/auth/realms/YendorINC/protocol/openid-connect/auth?
response_type=code&
redirect_uri=http%3A%2F%2Fnodered.example.com%2Fauth%2Fstrategy%2Fcallback&
client_id=node-red

this could be from running behind a proxy (Traefik) doing the tls for my sites.

@sarosh maybe try setting you callbackURL to just /auth/strategy/callback and your host to the host url of the nodered server [but I don't know how keycloak can call back to a localhost???]

Regards,