guys, let me comment that this is open source :) so something is not there?
work on it!
this is not a product you pay for, who is working paid by a company on it,
it's doing it inline with the corporate strategy, which may means that if a
is not a priority for their company, despite they understand its
importance, they may not give it priority.
On Fri, 26 Jul 2019 at 19:21, Nick Powers <sshscp(a)gmail.com> wrote:
Yes, I received a response to a message in the user mailing list
identified where I needed to enable it. Please ignore my original email on
this as I was able to enable this by turning on Request refresh token in
the IDP configuration in the Keycloak GUI. This is currently an
undocumented feature. Hopefully it will make it into the documentation
I apologize for the harshness of my original email, I was just at my wits
end. I would have responded to this sooner but I don't know how I can
respond to my own messages in this mailing list, since I do not receive me
own message in my inbox.
On Fri, Jul 26, 2019 at 9:47 AM Thomas Darimont <
> Hello Nick,
> "All it would take is to add "access_type=offline" to the Google auth
> and yet still it is broken, they just don't care enough to do even that
> simple task."
> isn't this already implemented?
> What's missing?
> On Thu, 25 Jul 2019 at 21:40, Nick Powers <sshscp(a)gmail.com> wrote:
>> I have wasted so much time deploying Keycloak to only learn in the end
>> it doesn't support Google offline access and thus cannot retrieve Google
>> refresh tokens. I am not alone, there are many messages in both the
>> Keycloak user and dev mailing lists discussing the lack of offline
>> for Google IDP on Keycloak.
>> When this comes up in the user mailing list the messages are generally
>> responded to. Which makes sense since there is not a working solution
>> receive Google refresh tokens using Keycloak's Google IDP solution. It
>> broken and thus the users cannot provide a solution.
>> When this comes up in this (the dev) mailing list, it is again ignored
>> it is debated but end up with the same sentiment, that offline access /
>> refresh tokens from Google IDP is not a worthwhile feature. I found
>> messages in the dev mailing list, spanning from 4 years ago to current
>> identifying this issue and yet it remains unfixed. All it would take is
>> add "access_type=offline" to the Google auth URL and yet still it is
>> broken, they just don't care enough to do even that simple task. They
>> think that it is silly that anyone would need a Google refresh token.
>> I found the code segment that related to Google offline access in
>> and there was a comment that identified an email address of the person
>> wrote that section of code. It was a Red Hat email, from regular user
>> this mailing list. I reached out to him and his response was that he
>> no time to respond to my query and that Red Hat does not support
>> Maybe don't put your email into code you don't want to get queries on?
>> if Red Hat is not supporting their own project, in any regard, and the
>> have no intention of fixing this bug the assumption is that Google IDP
>> never be fixed.
>> If you landed on this message, now or in the future, in hopes of
>> solution to get Google refresh tokens from Keycloak IDP all I can do is
>> to save you some time and say that Google IDP on Keycloak is currently
>> broken in that regards and if the past is any indication the devs have
>> intention of fixing the code to allow that access.
>> If any devs on this list disagree with this message then please let me
>> what I have missed and point me in the direction of a solution for this
>> issue....... I didn't think so.
>> keycloak-dev mailing list
keycloak-dev mailing list
*Dr. FEDERICO MICHELE FACCA*
*CTO, Head of Martel Lab*
*MARTEL INNOVATE* <https://www.martel-innovate.com/>
- INNOVATION, WE MAKE
Click *HERE* to download Martel reports and white papers!
Follow us on *TWITTER* <https://twitter.com/Martel_Innovate>