[keycloak-user] User roles deleted after SSO idle session expires

Pedro Igor Silva psilva at redhat.com
Wed Mar 20 08:11:02 EDT 2019


Hi,

Are you using a broker to authenticate your users? Your setup is not clear
if that is the case, so I'm not sure if the method you pointed out is
related.

Can you confirm that this scenario was working before?

By losing roles, you mean they are not within the access token?

Regards.
Pedro Igor



On Tue, Mar 19, 2019 at 9:16 AM MEHDi CHAABOUNi <mehdi.chaabouni at gmail.com>
wrote:

> Hi,
>
> This is our Keycloak setup:
>
>    - Keycloak docker container 4.4.0.Final
>    - Azure Active Directory (mapping groups to roles)
>    - Keycloak client protocol: openid-connect
>    - 3 optional client scopes
>
>
> We noticed lately that users using the front-end application (angular) are
> losing all roles after the SSO idle session expires.
> This behaviour is also seen in the 4.8.3.Final version.
> It seems that the Identity Provider Mappers are not triggered for some
> reason and I can't dig any deeper; nothing much is logged in the method
> IdentityBrokerService.authenticated(BrokeredIdentityContext context).
>
> Any ideas?
> How can I run Keycloak from source?

