diff --git a/.env b/.env
index 402477f..decba45 100644
--- a/.env
+++ b/.env
@@ -3,3 +3,4 @@ EXTERNAL_RESOURCE_DIR=~
 PROXY_PROTOCOL=http
 PROXY_HOST=localhost
 PROXY_PORT=8080
+IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080
diff --git a/docker-compose.yml b/docker-compose.yml
index ae35888..5ddbc21 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,9 +11,13 @@ services:
         environment:
             KEYCLOAK_USER: admin
             KEYCLOAK_PASSWORD: admin
-            KEYCLOAK_HOSTNAME: ${PROXY_HOST}
+            KEYCLOAK_HOSTNAME: auth.example.org
             KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
             KEYCLOAK_STATISTICS: enabled
+        networks:
+            default:
+                aliases:
+                    - "auth.example.org"
         volumes:
             - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro
     
diff --git a/keycloak-alfresco-realm.json b/keycloak-alfresco-realm.json
index f12d06c..198f54a 100644
--- a/keycloak-alfresco-realm.json
+++ b/keycloak-alfresco-realm.json
@@ -10,16 +10,7 @@
     }, {
       "name": "admin",
       "description": "Administrator privileges"
-    } ],
-    "client": {
-      "alfresco": [
-        {
-          "name": "administrator",
-          "composite": false,
-          "clientRole": true
-        }
-      ]
-    }
+    } ]
   },
   "clients": [
     {
@@ -28,6 +19,9 @@
       "enabled": true,
       "alwaysDisplayInConsole": false,
       "redirectUris": [ "*" ],
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": true,
+      "directAccessGrantsEnabled": false,
       "publicClient": true,
       "protocol": "openid-connect",
       "attributes": {
@@ -46,10 +40,7 @@
           "value" : "password"
         }
       ],
-      "realmRoles": [ "user" ],
-      "clientRoles": {
-        "alfresco": ["administrator"]
-      }
+      "realmRoles": [ "user", "admin" ]
     }
   ]
 }
diff --git a/nginx-ingress/nginx.conf b/nginx-ingress/nginx.conf
index 329c46e..214686a 100644
--- a/nginx-ingress/nginx.conf
+++ b/nginx-ingress/nginx.conf
@@ -19,7 +19,10 @@ http {
 
         proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
         proxy_redirect off;
-        proxy_buffering off;
+#        proxy_buffering off;
+        proxy_buffer_size	64k;
+        proxy_buffers		4 256k;
+        proxy_busy_buffers_size	256k;
         proxy_set_header Host              $http_host;
         proxy_set_header X-Real-IP         $remote_addr;
         proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;