By the way, our parameters to the js init function were lost in the mailing list.
It should have read:
keycloakAuth.init({ onLoad: 'login-required', responseMode: 'fragment',
flow: 'standard', checkLoginIframe: false})
Cheers,
Anders
Date: Wed, 4 Oct 2017 05:47:52 -0700 (MST)
From: Anders KK <anders.kabell.kristensen(a)systematic.com>
Subject: [keycloak-user] Two browser tabs result in two
access-/refresh tokens and accidental logout
To: keycloak-user(a)lists.jboss.org
Message-ID: <1507121272796-0.post(a)n6.nabble.com>
Content-Type: text/plain; charset=us-ascii
Hi guys,
We run into an accidental logout when opening our application in a second tab in the
browser. It seems that the second tab acquires its own access-/refresh token pair,
however, the tabs share the session.
Consequently, when the first tab needs to refresh its token, the refresh token is no
longer valid, resulting in the first tab initiating a logout - and then the second tab
only lives until token expiration, since refresh fails due to the first tab having ended
the session.
Looking into the js adapter code we got the impression that the tabs would share tokens
through local storage - is this something we need to activate explicitly in the
configuration?
We have a setup with an Angular2 app making use of the Keycloak js adapter.
We made use of the example provided with the 3.0.0 quickstarts, but modified the
parameters for the init function:
Thanks for the great effort put into Keycloak!
Anders
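
The failure sequence described in the message above, as an added example that is not part of the original post and is not Keycloak code. It is a simplified model that assumes, following the poster's observation, that the server accepts only the newest refresh token issued for a session; ModelServer, Tab and runScenario are hypothetical names, and the shared store object stands in for tokens shared through local storage.

```javascript
// Simplified model, constructed for illustration (not Keycloak code).
// Assumption: within one session the server accepts only the most
// recently issued refresh token, as the post observes.
class ModelServer {
  constructor() { this.sessionActive = false; this.currentRefresh = null; this.counter = 0; }
  issue() {                        // login or successful refresh
    this.sessionActive = true;
    this.currentRefresh = `rt-${++this.counter}`;
    return { access: `at-${this.counter}`, refresh: this.currentRefresh };
  }
  refresh(refreshToken) {
    if (!this.sessionActive || refreshToken !== this.currentRefresh) return null;
    return this.issue();
  }
  logout() { this.sessionActive = false; this.currentRefresh = null; }
}

// A tab keeps its tokens in `store`. A private store models per-tab
// tokens; one store object used by both tabs models shared storage.
class Tab {
  constructor(server, store) { this.server = server; this.store = store; }
  login() {
    // Reuse tokens already in the store, otherwise obtain a new pair.
    this.store.tokens = this.store.tokens || this.server.issue();
  }
  refresh() {
    const next = this.server.refresh(this.store.tokens.refresh);
    if (next) { this.store.tokens = next; return 'refreshed'; }
    this.server.logout();          // a failed refresh ends in a logout
    this.store.tokens = null;
    return 'logged-out';
  }
}

function runScenario(shared) {
  const server = new ModelServer();
  const sharedStore = {};
  const tab1 = new Tab(server, shared ? sharedStore : {});
  const tab2 = new Tab(server, shared ? sharedStore : {});
  tab1.login();
  tab2.login();                    // second tab opened on the same session
  return [tab1.refresh(), tab2.refresh()];
}

console.log('separate tokens:', runScenario(false));
console.log('shared tokens:  ', runScenario(true));
```

With per-tab tokens the first tab's refresh is rejected and its logout ends the session for the second tab as well; with a shared store both tabs always present the current refresh token.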