ArgoCD + Keycloak using internally or skip the issuer (Ingress) #20679

Open
antikilahdjs opened this issue Nov 6, 2024 · 0 comments
Labels
bug Something isn't working component:keycloak


antikilahdjs commented Nov 6, 2024

Checklist:

  • [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
  • [x] I've included steps to reproduce the bug.
  • [x] I've pasted the output of argocd version.

Describe the bug

I followed the guide at https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/user-management/keycloak.md 100% and everything has been configured correctly, but my issue is internal.

My hosts do not recognize my external Keycloak due to security reasons, so is it possible to skip the external issuer and point to the internal one? I have other applications, and in some of them I can skip the issuer verification and use the internal Keycloak service, but for ArgoCD I cannot find it.

To Reproduce

  1. Install using the official Helm charts (my Kubernetes is running version 1.23.6)
  2. Use the following configuration for OIDC:

     oidc.config: |
           name: Keycloak
           issuer: https://mykeycloak/auth/realms/myrealm
           clientID: argocd
           clientSecret: $oidc.keycloak.clientSecret
           requestedScopes: ["openid", "profile", "email", "groups"]

  3. Also include the URL for ArgoCD as well
  4. Added oidc.tls.insecure.skip.verify: true in the CM

Expected behavior
Skip the issuer verification

Screenshots

Version

 2024/11/05 13:31:58 maxprocs: Updating GOMAXPROCS=1: determined from CPU quota
 argocd: v2.13.0+347f221
  BuildDate: 2024-11-04T12:09:06Z
  GitCommit: 347f221adba5599ef4d5f12ee572b2c17d01db4d
  GitTreeState: clean
  GoVersion: go1.23.1
  Compiler: gc
  Platform: linux/amd64
FATA[0000] Argo CD server address unspecified

Logs

Logs when clicking to log in using Keycloak

oidc: issuer did not match the issuer returned by provider, expected

Logs about my ArgoCD Server

 2024/11/05 13:40:44 maxprocs: Updating GOMAXPROCS=1: using minimum allowed GOMAXPROCS

 time="2024-11-05T13:40:44Z" level=info msg="ArgoCD API Server is starting" built="2024-11-04T12:09:06Z" commit=347f221adba5599ef4d5f12ee572b2c17d01db4d namespace=argocd-gitops port=8080 version=v2.13.0+347f221

 time="2024-11-05T13:40:44Z" level=info msg="Starting configmap/secret informers"

 time="2024-11-05T13:40:44Z" level=info msg="Configmap/secret informer synced"

 time="2024-11-05T13:40:44Z" level=info msg="Creating client app (argocd)"

 time="2024-11-05T13:40:44Z" level=info msg="argocd v2.13.0+347f221 serving on port 8080 (url: http://myargocdurl, tls: false, namespace: argocd-gitops, sso: true)"

 time="2024-11-05T13:40:44Z" level=info msg="Enabled application namespace patterns: argocd-gitops"

 time="2024-11-05T13:40:44Z" level=info msg="0xc0008a1a40 subscribed to settings updates"

 time="2024-11-05T13:40:44Z" level=info msg="Starting rbac config informer"

 time="2024-11-05T13:40:44Z" level=info msg="RBAC ConfigMap 'argocd-rbac-cm' added"

Can somebody help me understand if it is possible? Thanks

@antikilahdjs antikilahdjs added the bug Something isn't working label Nov 6, 2024
@antikilahdjs antikilahdjs changed the title ArgoCD + Keycloak using internally or skip the issuer ArgoCD + Keycloak using internally or skip the issuer (Ingress) Nov 6, 2024
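
The log line in the issue above is the result of comparing the configured issuer with the `issuer` field of the provider's discovery document. As an added example (not part of the original issue and not Argo CD's own code), this Go program applies that OIDC Discovery rule offline; the in-cluster Service URL and the stub provider that always advertises the external issuer are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"strings"
)

// Constructed values: external is the issuer from the oidc.config above;
// internal is a hypothetical in-cluster Service URL for the same realm.
const (
	external = "https://mykeycloak/auth/realms/myrealm"
	internal = "http://keycloak.keycloak.svc:8080/auth/realms/myrealm"
)

// fakeKeycloak serves the discovery document offline. Assumption: the provider
// advertises the external issuer regardless of the hostname it is reached on.
type fakeKeycloak struct{}

func (fakeKeycloak) RoundTrip(r *http.Request) (*http.Response, error) {
	return &http.Response{StatusCode: http.StatusOK, Header: http.Header{}, Request: r,
		Body: io.NopCloser(strings.NewReader(`{"issuer":"` + external + `"}`))}, nil
}

// checkIssuer applies the OIDC Discovery rule: advertised issuer must equal the configured one.
func checkIssuer(c *http.Client, configured string) (string, error) {
	resp, err := c.Get(strings.TrimSuffix(configured, "/") + "/.well-known/openid-configuration")
	if err != nil {
		return "", fmt.Errorf("fetch discovery document: %w", err)
	}
	defer resp.Body.Close()
	var doc struct{ Issuer string `json:"issuer"` }
	if err := json.NewDecoder(resp.Body).Decode(&doc); err != nil {
		return "", fmt.Errorf("decode discovery document: %w", err)
	}
	if doc.Issuer != configured {
		return doc.Issuer, fmt.Errorf("issuer mismatch: configured %q, advertised %q", configured, doc.Issuer)
	}
	return doc.Issuer, nil
}

func main() {
	for _, iss := range []string{external, internal} {
		adv, err := checkIssuer(&http.Client{Transport: fakeKeycloak{}}, iss)
		fmt.Printf("configured=%s advertised=%s err=%v\n", iss, adv, err)
	}
}
```

Skipping TLS certificate verification does not change this comparison, which runs on the contents of the discovery document after it has been fetched.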