<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I am thinking about enable/disable
offline tokens per client. So in admin console in "Client
settings" tab there will be on/off switch "Enable offline tokens"
and you will be able to request offline token for particular
client just if switch is enabled. Offline token won't never
timeout, so there won't be any new option in realm timeout
settings though.<br>
<br>
Marek<br>
<br>
On 01/09/15 16:39, robinfernandes . wrote:<br>
</div>
<blockquote
cite="mid:CAFOTW4aNXQEhkEQYvqqOUqtv9EKGFdDgrJCSkgKXaAwadfGncA@mail.gmail.com"
type="cite">
<div dir="ltr">Thank you so much for that information.
<div>So would these offline tokens be at the realm level as well
as currently all token settings are at the realm level?<br>
Is there a roadmap for the 1.6 release?<br>
<br>
Thanks,<br>
Robin</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, Aug 31, 2015 at 7:27 AM, Stian
Thorgersen <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:stian@redhat.com" target="_blank">stian@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Sounds
like what you might want are offline tokens. They will allow
clients to get a permanent token, which can be revoked by a
user or admin, but doesn't expire. These should be added to
1.6 release.<br>
<div class="HOEnZb">
<div class="h5"><br>
----- Original Message -----<br>
> From: "robinfernandes ." <<a
moz-do-not-send="true"
href="mailto:robin1233@gmail.com"><a class="moz-txt-link-abbreviated" href="mailto:robin1233@gmail.com">robin1233@gmail.com</a></a>><br>
> To: <a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> Sent: Friday, 28 August, 2015 12:32:07 PM<br>
> Subject: [keycloak-user] Different token timeouts
for clients under the same realm<br>
><br>
> Hi All,<br>
><br>
> Is there a possibility where we can set different
token timeouts for clients<br>
> under the same realm?<br>
><br>
> The use case why we are trying to achieve this is
basically we have 2<br>
> applications which require 2 different timeout
settings.<br>
> We want the web client timeouts to be short since
there would be human<br>
> intervention there always, however we want our
Agent timeouts to be very<br>
> large since there might not be anyone to log into
it again.<br>
><br>
> Using Keycloak we have seen that the timeout
settings can be applied only at<br>
> the realm level though, which forces us to have
each application in a<br>
> different realm.<br>
><br>
> Can we have the timeout settings at the
client(application) level rather than<br>
> the realm level so that we can put both the
applications in the same realm?<br>
><br>
> Thanks & Regards,<br>
> Robin<br>
><br>
</div>
</div>
<div class="HOEnZb">
<div class="h5">>
_______________________________________________<br>
> keycloak-user mailing list<br>
> <a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>