Some of our clients are generating many REFRESH_TOKEN_ERROR events but I
don't see anywhere that the error description from the exception is
logged/stored. The keycloak event itself only says 'invalid token', but I'd
like to see the
'{"error":"invalid_grant","error_description":"Session
not
active"}' details as well to be able to provide specific guidance around
why their refresh calls are failing.
I tried registering an Exception Mapper provider, but it doesn't looks like
that's supported yet (
http://lists.jboss.org/pipermail/keycloak-dev/2016-June/007361.html).
We're running RH-SSO 7.1.3.
Thanks!
Jared Blashka
Red Hat