[keycloak-user] Different token timeouts for clients under the same realm

Stian Thorgersen stian at redhat.com
Mon Aug 31 07:27:18 EDT 2015


Sounds like what you might want are offline tokens. They will allow clients to get a permanent token, which can be revoked by a user or admin, but doesn't expire. These should be added to 1.6 release.

----- Original Message -----
> From: "robinfernandes ." <robin1233 at gmail.com>
> To: keycloak-user at lists.jboss.org
> Sent: Friday, 28 August, 2015 12:32:07 PM
> Subject: [keycloak-user] Different token timeouts for clients under the same	realm
> 
> Hi All,
> 
> Is there a possibility where we can set different token timeouts for clients
> under the same realm?
> 
> The use case why we are trying to achieve this is basically we have 2
> applications which require 2 different timeout settings.
> We want the web client timeouts to be short since there would be human
> intervention there always, however we want our Agent timeouts to be very
> large since there might not be anyone to log into it again.
> 
> Using Keycloak we have seen that the timeout settings can be applied only at
> the realm level though, which forces us to have each application in a
> different realm.
> 
> Can we have the timeout settings at the client(application) level rather than
> the realm level so that we can put both the applications in the same realm?
> 
> Thanks & Regards,
> Robin
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list