[keycloak-dev] offline access
Bill Burke
bburke at redhat.com
Wed Apr 1 10:53:45 EDT 2015
Wanted to discuss again how offline access might be implemented. IMO,
offline access should be a REST api. Clients would request offline
access and the UserSession would be cloned and the ClientSession would
be cloned for that particular client. ID, Access token and refresh
token would also be regenerated and sent back with the response.
With this approach, the admin console and user account session
management pages will just work. These pages will just work they way
they already work with no extra changes.
Additionally, we would want to allow different session timeouts for
offline access.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list