Re: [keycloak-user] Unable To Use Refresh Token

Have you increased the owner count for the various caches to something greater than 1? On Mar 6, 2017 7:56 AM, "Sagar Ahire" <sagarahire(a)arvindinternet.com&gt; wrote: > Hello, > > I've deployed keyclock 2.4.0 in a kubernetes environment. While refreshing > the access token I'm getting following response. > {'error': 'invalid_grant', 'error_description': 'Client session not > active'}. > > Here is what I did: > Step1: First, I generated three access tokens and refresh tokens > (rf1,rf2,rf3), then I used this refresh_tokens to refresh the access > tokens. I got the access tokens successfully for all three requests. > (Successful scenario) > > Step2: I restarted some of the pods from the keyclock cluster, I tried to > refresh the access tokens using the same refresh tokens(rf1,rf2,rf3) > again, > using rf1 I could refresh the access token but using rf2,rf3 I got the > response mentioned above ('client session not active'). I made sure rf2 > and > rf3 are not expired. > > I'm unable to use refresh token even though it is not expired. I suspect > session created on one pod is not properly shared between all the members > of a cluster and I'm loosing the session if one of my pod is restarted or > goes down. > > Can someone please suggest any solution for this? Any help would be > greatly > appreciated. > > > > > regards, > -Sagar > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >