We have an angular app and are using the keycloak js adapter. We refresh the token if it
expires within 5 seconds. We also refresh the token every 15 minutes. Our users can jump
in and out of our angular app. When they come back in the initialization logic goes to the
key cloak server to make sure they are logged in. What our QA team is telling us is after
2-3 hours of clicking on the site the user is no longer logged in, but some of the calls
with bearer tokens still go through. We need to know if refreshing the token or doing the
'check-sso' extends the session.
Christopher Stephens
Show replies by date