Hello, I would like to know how De-provisioning of user in Federated IDP case being
handled in Keycloak.How frequently Keycloak validates the federated user status before
reissuing the new access token to the already authenticated user.Is there plans to support
SCIM (System for Cross-domain Identity Management) in Keycloak roadmap?
Following is our use case
1. There are few processes that will be authenticated with Federated IDP using SAML just
after user(A) registration is complete (one time login manually).2. Subsequently SP will
issue the token pair to these processes to use as long as Refresh token lifetime is
valid.3. Within this refresh token lifetime (if it too long) and in the case user(A) is
de-provisioned/removed, how would SP be aware to block this token renewal.
Please share your thoughts.
BestKamal