[keycloak-dev] Bearer token size

Leonardo Loch Zanivan leonardo.zanivan at gmail.com
Mon May 4 14:42:49 EDT 2015


Hi,

I have a big problem here because of bearer token size.

I'm using keycloak within a SaaS application, so I need to create a lot of
realms.

After 30 realms were created, the bearer token issued for the master admin user
has more than 8kb.
It's huge for a single header; Apache limits headers to 8kb by default.
With 1000 realms, the bearer token of the master admin user will have 3.5mb.
It'll be impossible to use keycloak in production. It occurs because the
"resource_access" property has all realms with all possible roles.

Is it possible to create a wildcard "*" for "resource_access" to prevent that
problem?
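
An added example, not part of the original post and not Keycloak's own code: a Python sketch that measures how many bytes each claim contributes to a bearer token and whether the resulting Authorization header exceeds Apache httpd's default LimitRequestFieldSize of 8190 bytes. The realm and role names, issuer URL and helper names are constructed for illustration; the signature is a placeholder and the token is decoded without verification, for sizing only.

```python
import base64
import json

# Apache httpd's LimitRequestFieldSize defaults to 8190 bytes per header field.
HEADER_LIMIT = 8190

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_payload(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (sizing only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated parts")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))

def claim_sizes(token: str) -> dict:
    """Bytes of compact JSON per top-level claim, largest first."""
    sizes = {
        # serialise {"claim": value} and drop the two enclosing braces
        k: len(json.dumps({k: v}, separators=(",", ":")).encode()) - 2
        for k, v in decode_payload(token).items()
    }
    return dict(sorted(sizes.items(), key=lambda kv: kv[1], reverse=True))

def header_report(token: str, limit: int = HEADER_LIMIT) -> dict:
    """Size of the full Authorization header line and the dominant claim."""
    header_bytes = len(("Authorization: Bearer " + token).encode())
    sizes = claim_sizes(token)
    top = max(sizes, key=sizes.get)
    return {"header_bytes": header_bytes, "over_limit": header_bytes > limit,
            "largest_claim": top, "largest_claim_bytes": sizes[top]}

def sample_token(realms: int, roles_per_realm: int = 10) -> str:
    """Constructed token: one resource_access entry per realm (names made up)."""
    payload = {
        "sub": "admin",
        "iss": "https://sso.example.test/auth/realms/master",
        "resource_access": {
            f"tenant{i}-realm": {"roles": [f"role-{j}" for j in range(roles_per_realm)]}
            for i in range(realms)
        },
    }
    head = b64url(b'{"alg":"RS256"}')
    body = b64url(json.dumps(payload, separators=(",", ":")).encode())
    return f"{head}.{body}.{b64url(b'x' * 256)}"  # placeholder signature bytes

if __name__ == "__main__":
    for n in (5, 30, 100, 1000):
        print(n, header_report(sample_token(n)))
```

The absolute sizes depend on how many roles each realm client carries, so the constructed numbers will not match the figures in the post; the point is that header size grows linearly with the number of `resource_access` entries.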