[keycloak-user] Expire active token when user session if logged out
Himalaya Gupta
himalaya18 at gmail.com
Wed Dec 12 00:01:33 EST 2018
Hi,
My Client is ReactJS Application using keycloak javascript adaptor
I am trying the below scenario:
1. Login to client application via keyclock server and retrieve the
access-token in the client
2. Login to the Key-Clock Admin console and logout the active session
for the user for the given client.
3. On the client application i observe the following: The token is still
valid as it has not expired.When the token expires, the refresh token
request is stuck in refreshing the token (probably stuck as the user is
forcefully logged-out via AdminConsole)
Can you please let me know if there is a way to detect the Inactive session
and force the user to login even if the token is still valid via the
JavaScript API?
When trying to refresh the token and if the user session is logged out,
should the keycloak server just return an error instead of pending
response. Could this be a bug?
Any help would be appreciated in this regard. Thank you
--
Best regards,
Himalaya Gupta
More information about the keycloak-user
mailing list