Re: [keycloak-user] Problems with expired user action emails

How are you creating the user action emails? Is it through the admin console? On 19 November 2015 at 11:38, Samuel Otter <samuel.otter(a)gmail.com&gt; wrote: > Hi, > > We have discovered a somewhat strange behavior with the User Action > timeouts. We need to have a fairly long User Action timeout but the links > provided in the emails to the users expire well before that time. After > some digging around in the source code I think this is because both a user > and a client session is created for the user action, but when the user > session expires and is removed the client session is also removed with it. > If we set the User Session SSO timeout to the same value it does indeed > seem to work as expected. > > This seems unintentional and I can't really see why the user session is > created at all in this case as it is not really used as far as I can tell > (the client session id is used in the email link)? OTOH I am not sure why > the client session is removed when the user session expires? Or have we > completely misunderstood how this is supposed to work? > > Anyway, as it is you can't really have a User Action timeout that is > longer than the SSO Session timeout. > > Thanks, > Samuel Otter > > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >