diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilter.java b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilter.java
index 21904f7cf6..3c35649925 100644
--- a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilter.java
+++ b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilter.java
@@ -17,7 +17,6 @@ import javax.inject.Inject;
 import javax.servlet.Filter;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 /**
@@ -31,11 +30,7 @@ public abstract class AbstractKeycloakFilter implements Filter {
   @Inject protected JwtParser jwtParser;
 
   /** when a request came from a machine with valid token then auth is not required */
-  boolean shouldSkipAuthentication(HttpServletRequest request, String token) {
-    if (token == null) {
-      return request.getRequestURI() != null
-          && request.getRequestURI().endsWith("api/keycloak/OIDCKeycloak.js");
-    }
+  boolean shouldSkipAuthentication(String token) {
     try {
       jwtParser.parse(token);
       return false;
diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakAuthenticationFilter.java b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakAuthenticationFilter.java
index b0fe2442e1..e3dc5f4bfc 100644
--- a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakAuthenticationFilter.java
+++ b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakAuthenticationFilter.java
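Review bot: With the `token == null` guard removed at the top of shouldSkipAuthentication, a missing token now goes straight into `jwtParser.parse(token)`, so the "do not skip authentication" answer for a null token depends on whatever the parser throws for null and on the catch clauses below the hunk (the method body continues outside it). An explicit `if (token == null) { return false; }` before the `try` would keep that decision local and independent of parser behaviour, and would keep testShouldNotSkipAuthWhenNullTokenProvided meaningful. The Javadoc on the line above should also record that the OIDCKeycloak.js exemption no longer lives here, e.g. `/** Returns true only for a valid machine token; the OIDCKeycloak.js path is exempted by the filter regex in KeycloakServletModule instead. */`.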
@@ -52,7 +52,7 @@ public class KeycloakAuthenticationFilter extends AbstractKeycloakFilter {
     Jws jwt;
     try {
-      if (shouldSkipAuthentication(request, token)) {
+      if (shouldSkipAuthentication(token)) {
         chain.doFilter(req, res);
         return;
       }
diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java
index d7aba6f782..b406c10013 100644
--- a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java
+++ b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java
@@ -68,7 +68,7 @@ public class KeycloakEnvironmentInitalizationFilter extends AbstractKeycloakFilt
     final HttpServletRequest httpRequest = (HttpServletRequest) request;
     final String token = tokenExtractor.getToken(httpRequest);
-    if (shouldSkipAuthentication(httpRequest, token)) {
+    if (shouldSkipAuthentication(token)) {
       filterChain.doFilter(request, response);
       return;
     }
diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/deploy/KeycloakServletModule.java b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/deploy/KeycloakServletModule.java
index dffeee92c2..63340eca98 100644
--- a/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/deploy/KeycloakServletModule.java
+++ b/multiuser/keycloak/che-multiuser-keycloak-server/src/main/java/org/eclipse/che/multiuser/keycloak/server/deploy/KeycloakServletModule.java
@@ -19,18 +19,25 @@ import org.eclipse.che.multiuser.keycloak.server.KeycloakEnvironmentInitalizatio
 import org.eclipse.che.multiuser.keycloak.server.UnavailableResourceInMultiUserFilter;
 
 public class KeycloakServletModule extends ServletModule {
+
+  private static final String KEYCLOAK_FILTER_PATHS =
+      "^"
+          // not equals to /keycloak/OIDCKeycloak.js
+          + "(?!/keycloak/OIDCKeycloak.js)"
+          // not contains /docs/ (for swagger)
+          + "(?!.*(/docs/))"
+          // not ends with '/oauth/callback/' or '/keycloak/settings/' or '/system/state'
+          + "(?!.*(/keycloak/settings/?|/oauth/callback/?|/system/state/?)$)"
+          // all other
+          + ".*";
+
   @Override
   protected void configureServlets() {
     bind(KeycloakAuthenticationFilter.class).in(Singleton.class);
 
-    // Not contains /docs/ (for swagger) and not ends with '/oauth/callback/' or
-    // '/keycloak/settings/' or '/system/state'
-    filterRegex("^(?!.*(/docs/))(?!.*(/keycloak/settings/?|/oauth/callback/?|/system/state/?)$).*")
-        .through(KeycloakAuthenticationFilter.class);
-    filterRegex("^(?!.*(/docs/))(?!.*(/keycloak/settings/?|/oauth/callback/?|/system/state/?)$).*")
-        .through(KeycloakEnvironmentInitalizationFilter.class);
-    filterRegex("^(?!.*(/docs/))(?!.*(/keycloak/settings/?|/api/oauth/callback/?)$).*")
-        .through(IdentityIdLoggerFilter.class);
+    filterRegex(KEYCLOAK_FILTER_PATHS).through(KeycloakAuthenticationFilter.class);
+    filterRegex(KEYCLOAK_FILTER_PATHS).through(KeycloakEnvironmentInitalizationFilter.class);
+    filterRegex(KEYCLOAK_FILTER_PATHS).through(IdentityIdLoggerFilter.class);
 
     // Ban change password (POST /user/password) and create a user (POST /user/) methods
     // but not remove user (DELETE /user/{USER_ID}
diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/src/test/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilterTest.java b/multiuser/keycloak/che-multiuser-keycloak-server/src/test/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilterTest.java
index 01dbfc5de3..82097dcd56 100644
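Review bot: The comment `// not equals to /keycloak/OIDCKeycloak.js` overstates what `(?!/keycloak/OIDCKeycloak.js)` does: it is a negative lookahead on an unanchored prefix with an unescaped dot, so any path that merely begins with that text (for instance `/keycloak/OIDCKeycloak.js/anything`) is also exempted from all three filters, whereas the sibling exclusions on the next lookahead are anchored with `$`. Because this registration-level exemption now replaces the per-request check that the same commit removes from AbstractKeycloakFilter, an exact match is the safer form: `+ "(?!/keycloak/OIDCKeycloak\\.js$)"`. Note also that sharing one pattern changes IdentityIdLoggerFilter, which previously excluded `/api/oauth/callback/?` and did not exclude `/system/state`; worth confirming that is intended.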
--- a/multiuser/keycloak/che-multiuser-keycloak-server/src/test/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilterTest.java
+++ b/multiuser/keycloak/che-multiuser-keycloak-server/src/test/java/org/eclipse/che/multiuser/keycloak/server/AbstractKeycloakFilterTest.java
@@ -49,28 +49,22 @@ public class AbstractKeycloakFilterTest {
     when(request.getRequestURI()).thenReturn(null);
   }
 
-  @Test
-  public void testShouldSkipAuthWhenRetrievingOIDCKeycloakJsFile() {
-    when(request.getRequestURI()).thenReturn("https://localhost:8080/api/keycloak/OIDCKeycloak.js");
-    assertTrue(abstractKeycloakFilter.shouldSkipAuthentication(request, null));
-  }
-
   @Test
   public void testShouldNotSkipAuthWhenNullTokenProvided() {
-    assertFalse(abstractKeycloakFilter.shouldSkipAuthentication(request, null));
+    assertFalse(abstractKeycloakFilter.shouldSkipAuthentication(null));
   }
 
   @Test
   public void testShouldNotSkipAuthWhenProvidedTokenIsNotMachine() {
     Jwt mock = Mockito.mock(Jwt.class);
     doReturn(mock).when(jwtParser).parse(anyString());
-    assertFalse(abstractKeycloakFilter.shouldSkipAuthentication(request, "token"));
+    assertFalse(abstractKeycloakFilter.shouldSkipAuthentication("token"));
   }
 
   @Test
   public void testAuthIsNotNeededWhenMachineTokenProvided() {
     when(jwtParser.parse(anyString())).thenThrow(MachineTokenJwtException.class);
-    assertTrue(abstractKeycloakFilter.shouldSkipAuthentication(request, "token"));
+    assertTrue(abstractKeycloakFilter.shouldSkipAuthentication("token"));
   }
 
   static class TestLoginFilter extends AbstractKeycloakFilter {
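Review bot: The retained `when(request.getRequestURI()).thenReturn(null);` stub at the top of the hunk is now dead, since shouldSkipAuthentication no longer receives the request; it and the `request` mock (declared above the hunk) can be dropped if nothing else in the class uses them. Deleting testShouldSkipAuthWhenRetrievingOIDCKeycloakJsFile also leaves the OIDCKeycloak.js exemption without any test now that it has moved into KEYCLOAK_FILTER_PATHS in KeycloakServletModule; a small test asserting that the pattern rejects `/keycloak/OIDCKeycloak.js` and still matches an ordinary API path would restore that coverage, which would need the constant made package-private or exposed through an accessor.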