Re: [keycloak-user] Force token refresh with the Spring Security adapter
Hi,
any news on this? I would like to initiate programmatically a refresh of
the token once the profile of the user is updated in the app itself (via
rest api) in order to e.g. display in the header the changed firstname of
the logged-in user (which is retrieved from ((KeycloakAuthenticationToken)
principal).getAccount().getKeycloakSecurityContext().getToken())) without
the need to logout/login again in order to get the updated token.
Kind regards,
Dirk
On Thu, Jan 12, 2017 at 12:48 PM, Aritz Maeztu <amaeztu(a)tesicnor.com> wrote:
I'm using keycloak in a java client, configured with the Spring
Security
adapter.
I've got a custom mapper in my keycloak configuration, so when the
access token is refreshed, keycloak accesses an endpoint to retrieve
some user permissions and they're stored in the token itself. Later on,
my client application checks the token without having to perform the
access to the permission endpoint itself (increased performance).
However, when an admin user changes his own permissions, I would like
the keycloak adapter to refresh the token after the permissions are
stored, this way the admin user is not required to have its token
refreshed or to re-login to load his new permissions.
Is there a way to achieve it? Some kind of operation to refresh current
session's token?
--
Aritz Maeztu Otaño
Departamento Desarrollo de Software
<https://www.linkedin.com/in/aritz-maeztu-ota%C3%B1o-65891942>
<http://www.tesicnor.com>
Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
Telf. Aritz Maeztu: 948 68 03 06
Telf. Secretaría: 948 21 40 40
Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
medioambiente es cosa de todos.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user