[keycloak-dev] Cancel button on login form

Bill Burke bburke at redhat.com
Wed Dec 11 16:01:27 EST 2013



On 12/11/2013 2:27 PM, Stian Thorgersen wrote:
> I added a cancel button to the login form. It results in a redirect to "<redirect_uri>?error=access_denied".
>
> Problem with it is that it doesn't make sense for all applications to have it. This mainly applies to applications that require a login, for example the admin console. Question is what do we do for those? Some alternatives:
>

This is not a problem IMO.  Let the application decide how it wants to 
handle a cancel.

> * Add an optional query param to login that disables it (.../tokens/login?nocancel)
> * Add a config option to the app that's set through admin console
> * Leave it and make the app show a sensible error message - "You're required to login blah blah, click here to login"
>

or

* redirect to "<redirect_uri>?error=cancelled"

or

* redirect to "<redirect_uri>?cancelled=true"

or from openid connect

* redirect to "<redirect_uri>?error=interaction_required"

Admin console would see this and just redirect back to the login page.



-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list