I adding keycloak into a legacy application that uses GWT and Jetty.I have managed to get add Keycloak application using Spring-security.Because this is GWT I am doing the authorisation in the application myself.Sping just provides a way to get access to the KeycloakSecurityContext.The issue I have is refreshing the token. I can get hold of aRefreshableKeycloakSecurityCon text instance and use that to get a refresh token. What surprised me is that I cannot refresh a token if the roles have changed.Is this correct. I was hoping that the application could notice the role changes and adapt itself on the fly.I do not want to have to logout to get the new roles it at all possible. Is there something that I have overlooked that will allowme to use the idToken to get a new accessToken given that the authentication of the user is still valid, it is just the roles the user is in that have changed.ThanksChris
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user