Has anyone successfully implemented NextAuth.js with dynamic Keycloak realms? Similar to this discussion, https://github.com/nextauthjs/next-auth/discussions/8747, our users live in multiple realms. We initialize the NextAuth Keycloak provider with a default realm which sends users to an external Keycloak login page where the user inputs their email address and a Keycloak API call is made to figure out which realm the user is on. Once the authentication is complete, the user is redirected to the callback route handler with a query parameter containing the user’s actual realm.

In the callback hander using advanced initialization, we are able to grab the realm and update the provider accordingly. However, we receive the following error message (full error attached):

[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error invalid_grant (Incorrect redirect_uri)