[keycloak-dev] Provide a Link to go Back to The Application on a Timeout

Thomas Raehalme thomas.raehalme at aitiofinland.com
Thu May 18 04:24:01 EDT 2017


On May 17, 2017 14:28, "Marek Posolda" <mposolda at redhat.com> wrote:

We have the issue that after session timeout, the page "An error
occurred, please login again through your application." can be shown.
This is even worse when there is no link to go back to the application
as users might be confused what to do. Details in
https://issues.jboss.org/browse/KEYCLOAK-4016 .
Some possibilities to solve:
1) Make the KC_RESTART cookie persistent. That will handle browser
restart, however it won't handle the case when browser history is deleted

2) Add client-id to every link as Stefan Baust suggested. Then we can
add the link to client base uri on the page. This is more work with the
possibility of error-prone if we miss to add the client-id to some link.
Also we will be able to provide the link just if client has "base-uri"

I'd appreciate option 2 as it is more user friendly because that's where
she came from. It's also more foolproof than option 1 where the browser
history can be deleted. If the base-uri is missing (probably by a
mistake?), maybe then fallback to the account management application.

Best regards,

More information about the keycloak-dev mailing list