Hi,
I guess you are referring to ID Tokens.
If so, it is not possible. ID tokens represent the result of an
authentication, using a client that is acting on behalf of your users.
Distinct clients mean distinct ID Tokens and sessions on the server.
Keycloak tracks sessions on a per-client basis (grouped under a user
session).
Also, during authentication, in addition to the ID Token, you usually also
get (and need) an access token and refresh token. Only the client to which
those tokens were issued is allowed to use them.
Regards.
Pedro Igor
On Fri, Sep 6, 2019 at 12:45 PM Yang Yang <yy8402(a)icloud.com> wrote:
Hello,
Is it possible for two clients of the same realm share tokens?
I am aware that when a user gets the token for a client, she will be
redirected to get a new token when accessing another client. This is
reasonable and necessary to stop attacks like CSRF, but if both of the two
clients are trusted and registered on the same realm, we may be able to
simplify the process.
If possible, could you help to tell how to do it?
Thanks,
Yang
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user