Hi,
I use the /auth/realms/{realm}/protocol/openid-connect/token endpoint to create a User
Session. The Session is shown inside Keycloak and I get the access_token, refresh_token
and id_token.
When I now call the /auth/realms/{realm}/protocol/openid-connect/token/introspect I get a
valid response containing "active":"true" amongst others. I call it using the POST method and
providing client_id, client_secret and token parameter as data. The token parameter
contains the access_token value.
I now log in to Keycloak administrator and log out the User. Now I again call the
introspection endpoint but still get a response containing "active":"true". It
seems that Keycloak is caching the User Session and after some time I get
"active":"false". Am I able to disable caching and to immediately get an introspection
response that indicates that the User Session no longer exists?
Btw.: The same happens when I call the
/auth/realms/{realm}/protocol/openid-connect/logout?redirect_uri= endpoint. I provided the
access_token in the header. POST parameters are client_id, client_secret and refresh_token
in this case.
I use the introspection endpoint in the different RPs I use to validate whether the
access_token is revoked in order to introduce single logout. Hence it would be nice to
disable the caching to have less inconsistency.
Bests
Jannik
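
The RP-side introspection check described in the message above, as an added example that is not part of the original post and not Keycloak's own code: it sends client_id, client_secret and token as POST form data and treats the token as active only when the server explicitly says so. The base URL, realm, credentials and the `post` transport hook are assumptions made for illustration.

```python
import json
from urllib import parse, request

# Endpoint path as given in the post; base URL and realm are supplied by the caller.
INTROSPECT_PATH = "/auth/realms/{realm}/protocol/openid-connect/token/introspect"


def http_post(url, form):
    """Default transport: form-encoded POST, returns (status, body text)."""
    req = request.Request(url, data=parse.urlencode(form).encode(), method="POST")
    try:
        with request.urlopen(req, timeout=5) as resp:
            return resp.status, resp.read().decode()
    except Exception:
        return 0, ""  # network or HTTP error: the caller fails closed


def token_is_active(base_url, realm, client_id, client_secret, token, post=http_post):
    """Return True only if the server explicitly reports the token as active.

    `post` is a hypothetical hook (not a Keycloak API) so the check can be
    exercised offline with a constructed response.
    """
    url = base_url.rstrip("/") + INTROSPECT_PATH.format(realm=parse.quote(realm, safe=""))
    form = {"client_id": client_id, "client_secret": client_secret, "token": token}
    status, body = post(url, form)
    if status != 200:
        return False  # auth failure, server error, timeout: deny access
    try:
        data = json.loads(body)
    except ValueError:
        return False  # malformed body: deny access
    # RFC 7662 defines "active" as a JSON boolean; anything else counts as inactive.
    return isinstance(data, dict) and data.get("active") is True


if __name__ == "__main__":
    # Constructed response standing in for the server after the session is gone.
    def logged_out(url, form):
        return 200, '{"active": false}'

    ok = token_is_active("https://sso.example.test", "demo", "my-rp",
                         "placeholder-secret", "placeholder-token", post=logged_out)
    print("grant access" if ok else "reject request")
```

Calling this on every request, without caching the result in the RP, keeps the RP from adding staleness of its own on top of whatever the server reports.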