[keycloak-dev] remember me/refresh token support in

Bill Burke bburke at redhat.com
Mon Feb 24 20:37:59 EST 2014

* Remember me support is now in.  Only works for non-social logins at 
the moment though.
* admin console can now configure remember me, central login timeout, 
refresh token timeout, access token timeout, and access code timeout
* Refresh token is always sent back with a grant request in the 
* Adapters will now check the access token's expiration on each request. 
  If it is stale, it will attempt to refresh it.  BTW, this will fail if 
the access token's roles allowed don't match the users or 
application/oauth client scope anymore and the user will be redirected 
back to the authentication server.
* Javascript adapter was also updated.  I implemented a 
onValidAccessToken(successCallback) method that will check the token, 
refresh it if needed, then invoke a callback.  The customer-app-js 
example was updated to reflect using this callback method.
* I wrote a Javascript adapter docbook chapter and a small chapter on 
what are the best practices for all the token timeout settings.

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-dev mailing list