[keycloak-dev] User entity entries in database are getting deleted after Keycloak Migration and restart

Kalidindi, Sai Soma Kala sai-soma-kala.kalidindi at microfocus.com
Tue Jan 16 16:15:23 EST 2018


Hi,

We are using offline tokens for our clients. When we log in initially, we give the tag "offline", which gets us refresh and access tokens.

1) We use version 1.9.8 of Keycloak. We have configured our Keycloak realm to revoke refresh tokens, which means refresh tokens are revoked once used for refreshing.
2) We have 2 Keycloak clusters.
3) Our client initially pointed to KC1, which is the old environment.
4) Now the KC1 database and certs are migrated to KC2, our new environment.
5) The client refresh token which it got from the old env works on the new env for some clients, whereas it does not work for others.
6) What we have found is: we initially stop the Keycloak service, migrate the data and start it again. Once migration is done, I check that all the tables have the right data, which looks good, but after restart we see that it is syncing the user_entity table with LDAP, and 3 of the users are being deleted from the user_entity and user_attribute tables, and hence any tokens associated with these 3 users are being deleted from Offline_client_session and Offline_user_session. At this point I am not clear why it is deleting them, even though I see LDAP has them.

Any suggestions or help is greatly appreciated.



Thanks,
Sai.


