Found some issues in the KC tracker; it looks like both of them are related to
the CORS error that I was referring to:
https://issues.jboss.org/browse/KEYCLOAK-4214
https://issues.jboss.org/browse/KEYCLOAK-5304
The 1st one seems to be In Progress, but it was moved to this status 6 months
ago.
On Thu, Nov 30, 2017 at 3:09 PM Виталий Ищенко <betalb(a)gmail.com> wrote:
Hello,
I'm trying to set up a seamless logout flow for an SPA, but I'm running into an
issue in the following scenario.
The user is logged in with a public client using the code grant, with the check
login iframe enabled.
I see that the KEYCLOAK_SESSION cookie is set during the code exchange phase and
is later used in the iframe to validate the user session.
The application refreshes the token using the refresh_token when the
access_token is close to expiration.
Now I log the user out from the application using the Keycloak admin app.
I do not expect that the user should be logged out immediately.
But what I do expect is to get an error response from the token endpoint when
I try to refresh the token next time.
The response returned by the OP doesn't have CORS headers, so the application
can't access any information from the response that would allow distinguishing
between network errors and CORS-related errors.
Another option may be to clear the cookie in the response to the token endpoint
call.
Any help will be appreciated.
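
The situation described in the message above, as an added example that is not part of the original thread or of Keycloak's code: a refresh handler that can classify the outcome only when the error response is readable by script. `refreshSession`, `TOKEN_URL`, the `spa-client` id and the three stand-in fetch functions are constructed for illustration, and the example assumes the OP rejects a refresh after logout with 400 `invalid_grant` as RFC 6749 describes.

```javascript
// Added illustration; names and the URL are constructed, not from Keycloak.
const TOKEN_URL = "https://sso.example.test/token"; // placeholder endpoint

// fetchImpl is injected so the three outcomes can be simulated offline.
async function refreshSession(fetchImpl, refreshToken, clientId = "spa-client") {
  const body = new URLSearchParams({
    grant_type: "refresh_token",
    refresh_token: refreshToken,
    client_id: clientId,
  });
  let res;
  try {
    res = await fetchImpl(TOKEN_URL, {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body,
    });
  } catch (err) {
    // Browsers reject fetch() with a TypeError both when the network is down
    // and when a response lacks CORS headers; script cannot tell them apart.
    return { state: "indeterminate", reason: err.name };
  }
  const data = await res.json().catch(() => ({}));
  if (res.ok) return { state: "refreshed", tokens: data };
  // RFC 6749 section 5.2: a rejected refresh token yields 400 invalid_grant.
  if (res.status === 400 && data.error === "invalid_grant") {
    return { state: "session_ended" };
  }
  return { state: "error", status: res.status };
}

// Constructed stand-ins for the server's behaviour.
const jsonResponse = (status, obj) => ({
  ok: status >= 200 && status < 300,
  status,
  json: async () => obj,
});
const okFetch = async () => jsonResponse(200, { access_token: "constructed" });
const readableErrorFetch = async () => jsonResponse(400, { error: "invalid_grant" });
const corsBlockedFetch = async () => { throw new TypeError("Failed to fetch"); };

async function demo() {
  return [
    (await refreshSession(okFetch, "rt")).state,
    (await refreshSession(readableErrorFetch, "rt")).state,
    (await refreshSession(corsBlockedFetch, "rt")).state,
  ];
}
```

Only the second case lets the application end the local session with certainty; in the third it has to treat the session state as unknown.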