[keycloak-dev] Bearer token size
Bill Burke
bburke at redhat.com
Mon May 4 14:59:35 EDT 2015
Log a JIRA. We don't have a workaround for this.
On 5/4/2015 2:42 PM, Leonardo Loch Zanivan wrote:
> Hi,
>
> I have a big problem here because of bearer token size.
>
> I'm using keycloak within a SaaS application, so I need create alot of
> realms.
>
> After 30 realms created, the bearer token issued for master admin user
> has more than 8kb.
> It's huge for a single header, Apache limits 8kb headers by default.
> With 1000 realms, the bearer token of master admin user will have 3.5mb.
> It'll be impossible to use keycloak in production, it occurs because
> "resource_access" property has all realms with all possible roles.
>
> It's possible to create wildcard "*" for "resource_access" to prevent
> that problem?
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list