12:34 p.m.
Hello Ori,
How do you implement SSO for your desktop application? Are you using kcinit [1] or
KeycloakInstalled [2]?
Both will do interactive login via the system browser, that means, SSO cookies should be
shared with whatever web application that is run therein.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
[1] https://github.com/keycloak/kcinit
[2] https://www.keycloak.org/docs/latest/securing_apps/index.html#_installed_...
On Wed, 2018-11-14 at 10:36 +0000, Ori Doolman wrote:
Hi,
I have 2 applications: one is desktop (Windows) and the other one is a web application.
My desktop application performs authentication and login using Keycloak, and getting a
JWT Access Token.
My web application is using the Keycloak JS adapter to perform the same.
After I login to my desktop application, is there a way to pass the generated access
token to the web application and continue the same session? Or at least have an SSO
experience and get another token for the user without the user entering the credentials
again?
Maybe I can pass the token and refresh token from desktop application as init parameters
to the Keycloak-JS ?
I see the following code is checking if initOptions contains the token:
function processInit() {
var callback = parseCallback(window.location.href);
if (callback) {
window.history.replaceState({}, null, callback.newUrl);
}
if (callback && callback.valid) {
return setupCheckLoginIframe().success(function() {
processCallback(callback, initPromise);
}).error(function (e) {
initPromise.setError();
});
} else if (initOptions) {
if (initOptions.token && initOptions.refreshToken) {
setToken(initOptions.token, initOptions.refreshToken,
initOptions.idToken);
Thanks,
Ori Doolman
Lead Software Architect
Amdocs Optima
> [cid:image001.png@01D2C8DE.BFF33E10]
“Amdocs’ email platform is based on a third-party, worldwide, cloud-based system. Any
emails sent to Amdocs will be processed and stored using such system and are accessible by
third party providers of such system on a limited basis. Your sending of emails to Amdocs
evidences your consent to the use of such system and such processing, storing and
access”.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user