[keycloak-user] Bookmarking keycloak login pages
Matt Evans
mevans at aconex.com
Mon Aug 21 22:47:55 EDT 2017
We have people that have bookmarked the login page of keycloak so that they can return there and authenticate, rather than go to the client app page and be redirected.
This doesn't work because the bookmark they have contains time sensitive information, e.g. the nonce and state etc. So they can authenticate correctly, but when redirected to the application it fails.
Is there anything that can be done for this situation? I thought perhaps including the information as post body parameters and doing a post rather than redirecting with query string parameters, but this doesn't work, POST is not an accepted http method. Also I assume that returning there from a bookmark won't work either because that post body information will be missing...
Matt
More information about the keycloak-user
mailing list