Ok, this is what I have to far. I confirmed that deleteAccount isn't enough. By deleting the account and attempting to connect again, the login webview shows up but disappears right afterwards. I suspect the Android application knows that you are still logged in because the webview stores cookies somehow. If I call GET <logout_url> with an HTTP client, nothing happens. The keycloak administration page shows that I'm still logged in. I believe logout would only work if everything was being executed in the same HTTP client instance. I'm trying another client that seems to give more control over current status. Hopefully logout will work. Thanks. On Wed, Apr 20, 2016 at 1:51 PM Summers Pittman <supittma(a)redhat.com&gt; wrote: > On Wed, Apr 20, 2016 at 5:20 AM, Emanuel Couto < > emanuel.amaral.couto(a)gmail.com&gt; wrote: > >> Does that mean I should send the bearer token if I want to logout a >> specific user? If that's it how do I do it? >> > > OAuth2 (which is what the AG Authz lib implements) doesn't specify a > logoff procedure so it isn't supported directly in the library. > > Your best out of the box option is to delete the account using the deleteAccount > method on your module. This will remove the local access to the account > and eventually your tokens will expire on the server. > > As a note : delete account does NOT guarantee to delete session cookies > for the third party sign in. IE if you use Chrome to sign into your google > account to sign into keycloak, delete your account, and then log in again > you will not be prompted for your google credentials because that sign in > is part of Chrome's session and not the app's. > > >> >> The customer and products demos are here: >> >> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/c... >> >> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/p... >> >> In the documentation page there is a 3 part tutorial (The Basics) >> explaining how to install these apps: >> http://keycloak.jboss.org/docs >> >> Everything is web based. >> >> Thanks. >> >> On Tue, Apr 19, 2016 at 6:31 PM Summers Pittman <supittma(a)redhat.com&gt; >> wrote: >> >>> On Tue, Apr 19, 2016 at 1:01 PM, Emanuel Couto < >>> emanuel.amaral.couto(a)gmail.com&gt; wrote: >>> >>>> Hello. >>>> >>>> I'm trying to login and logout to KeyCloak through an Android >>>> application. So far I was able to login using AeroGear Authz. What happens >>>> is that a web view is created every time login is required. However I don't >>>> understand how logout works. In the documentation it states that you should >>>> point to 'auth/realms/.../logout'. How does it figure out which client am >>>> I? Through a session or maybe cookies? >>>> >>> >>> It has been a while since I looked at the code, but IIRC AeroGear authz >>> stores the bearer token that has been exchanged with the webview. >>> >>> >>> >>>> The other question is how would customer-portal and product-portal be >>>> implemented in android, theoretically? >>>> >>> I'm not familiar with those, could you link me? >>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> >>> >>>