Are you sure the performance gains are worth less security? What kind
of performance are you actually worried about? Network (size of tokens)
or CPU (signatures/marshaling/unmarshalling)? If anything, these
signatures are only going to get stronger in future releases.
On 5/24/16 5:46 AM, Matuszak, Eduard wrote:
Motivated by considerations on how to improve the performance of the
token generation process I have two questions:
* I noticed that Keycloak’s token generation via endpoint
“auth/realms/ccp/protocol/openid-connect/token” generates a triple
of tokens (access-, refresh- and id-token). Is there any
possibility to dispense with the id-token generation?
* Is there a possibility to cause Keycloak to generate more “simple”
bearer tokens then complex jwt-tokens?
Best regards, Eduard Matuszak
keycloak-user mailing list