[keycloak-dev] Cancel button on login form
Bill Burke
bburke at redhat.com
Wed Dec 11 16:01:27 EST 2013
On 12/11/2013 2:27 PM, Stian Thorgersen wrote:
> I added a cancel button to the login form. It results in a redirect to "<redirect_uri>?error=access_denied".
>
> Problem with it is that it doesn't make sense for all applications to have it. This mainly applies to applications that require a login, for example the admin console. Question is what do we do for those? Some alternatives:
>
This is not a problem IMO. Let the application decide how it wants to
handle a cancel.
> * Add an optional query param to login that disables it (.../tokens/login?nocancel)
> * Add a config option to the app that's set through admin console
> * Leave it and make the app show a sensible error message - "You're required to login blah blah, click here to login"
>
or
* redirect to "<redirect_uri>?error=cancelled"
or
* redirect to "<redirect_uri>?cancelled=true"
or from openid connect
* redirect to "<redirect_uri>?error=interaction_required"
Admin console would see this and just redirect back to the login page.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list