Re: [keycloak-dev] Improving SSO logout performance

Few things, which we can possibly do: - Currently when application initiates logout through servletRequest.logout , it sends request to Keycloak logout endpoint. This endpoint then sends backchannel request to all logged clients with registered admin URL. I think we can improve here and not send request to the original application, which initiated logout. For example: When product-portal application initiates logout through servletRequest.logout, the adapter itself should be already able to do all logout actions on it's side (invalidate httpSession etc) and there is no need to send another request from keycloak to product-portal to logout same httpSession. - Backchannel logout requests send by Keycloak (ResourceAdminManager) could be send in parallel. Currently they are send sequentially, which is not very optimal. WDYT? Marek _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev