[keycloak-dev] direct grant cookies, and SSO

[Bill Burke]

I was thinking that using direct grant from Browser Javascript would 
work with SSO if direct grant created and returned an SSO cookie and 
also checked to see if an SSO cookie was set.  This way all the people 
wanting to completely bypass our login screens can do that. Why they 
would want to, I don't know.  We maybe should extend the direct grant 
protocol to tell the client when required actions must be filled out 
before authentication, stuff like that.

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com