[keycloak-user] Exception after changing roles

Thomas Raehalme thomas.raehalme at aitiofinland.com
Wed Aug 19 14:10:10 EDT 2015


Hi,

On Wed, Aug 19, 2015 at 5:33 PM, Thomas Raehalme <
thomas.raehalme at aitiofinland.com> wrote:

> If a user is logged in and her client role mappings are changed in the
> admin UI, why is an exception thrown "User no long has permission for
> client role OLD_ROLE" when the token expires and the refresh token is used
> to acquire a new one?
>
> I was expecting the new token to contain the new set of roles, but instead
> got this error.
>

Redirecting the user to the Keycloak login seems to fix this issue.

Best regards,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150819/72db7784/attachment.html 


More information about the keycloak-user mailing list