Re: [keycloak-user] SSO on non-protected / public urls

Greetings Pedro, We need SSO on non protected resources for a number of reasons outlined below: 1) We have a series of portals (company, services, products, subsidiaries, etc) that have both public and protected areas. So, we need to be able to identify a user that lands on a public url (e.g. by following a link) in order to show personalized content. Google offers similar functionality - Go to https://mail.google.com - Login - Then go to https://www.youtube.com - You see personalized content on a page that is obviously public In my view, this is an important added value of SSO. 2) The main website consists of a series of applications (actually portals) than are put together at user interface level. So, the user may navigate from a protected portal to a public portal e.g. - From: https://www.example.com/customers (protected) - To: https://www.example.com/services (public) As the customer navigates to public urls then the application cannot show logged in user information and list of available actions. This is bad from user experience point of view since the user will see himself/herself as logged in on /customers but as anonymous on /service while on the same website (the user cannot understand that he navigates to different apps) 3) We have been using this functionality for 10+ years so renouncing it would be a major regression. Best Regards, Michalis On 01/02/2018 04:33 PM, Pedro Igor Silva wrote: