It's all controlled by the session and there are no way to get tokens that
work for longer. Issuing offline tokens to a web application would be a
really bad idea. If you want users to remain authenticated set the idle to
a higher value. That's it.
On 25 January 2017 at 15:09, David Delbecq <david_delbecq(a)trimble.com>
wrote:
Hello,
we have a javascript web application we are migrating to keycloak. I am not
sue what are the recommandations on setting up configuration for that
client with the following requirement:
Once user triggers the "login" and gets keycloak authenticated, we should
get a bearer token to use later on REST services.
The user should not be requested again to login, unless he logs out. Even
if he closes his browser. So we need a way to keep or replace token on a
regular basis. Is there some keycloak REST service we can poll on a regular
basis for this?
Sometimes the user goes "off grid" (no network communication) for several
hours. How can we ensure we still keep logged in?
My first idea was to just increase the SSO timeout and token validity to 30
days. But it seems like a bad idea from my reading of keycloak
documentation. So i tried to use an offline token instead, but it seems the
implicit flow doesn't allow you to get an offline token. All token i get
after login are marked as expiring within 15 minutes.
What's the recommended way to get long lived refresh token, using implicit
flow?
--
<
http://www.trimble.com/>
David Delbecq
Software engineer, Transport & Logistics
Geldenaaksebaan 329, 1st floor | 3001 Leuven
+32 16 391 121 <+32%2016%20391%20121> Direct
david.delbecq(a)trimbletl.com
<
http://www.trimbletl.com/>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user