[keycloak-dev] application session state update
Sebastian Rose
sebastian.rose at aoe.com
Fri Mar 27 12:22:06 EDT 2015
Hi everyone,
The endpoint /auth/realms/<realm>/protocol/openid-connect/access/codes has a parameter for the session id of a secured application (adapters use it): application_session_state. The Endpoint /auth/realms/<realm>/protocol/openid-connect/refresh has not. At least this is what i saw within the code. Sorry, if it's there.
We have integrated our own application a la adapter, using these two url's and it's working fine. Our application completes the login via the first endpoint and changes it's session id after the successful login. This means when a logout event is send to our application, the old session id is used.
So i'm asking if it makes sense to you to have the same parameter for the refresh-url to cover our requirement or to integrate an application_session_state update endpoint to add/delete/update additional/new session id's.
Best Regrads
Sebastian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150327/77f250c8/attachment.html
More information about the keycloak-dev
mailing list