[keycloak-user] Token validation in keycloak in oauth with direct access.

Emil Posmyk emil.posmyk at gmail.com
Fri Feb 27 15:47:46 EST 2015


Hello all

I'm trying to validate downloaded earlier token (downloaded via oauth
application with direct access) and I found RSATokenVerifier. It's working
but this is only json validation and it is not checking same token from
user session which exist in memmory.

It is possible to use same token and check it with existing in user session
(without clustering) ? I want to use the same token several times (for
example same token for 5 minutes). Token is sent from client webservice to
other webservice and last ws have to check token wchich is sent from first
webservice (must make sure that token is correct - the same).

I have doubt becouse I saw that always when I try to authenticate with
direct access token is new but not over 5 minutes.



*regards*
*--*

*Emil Posmyk*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150227/5acfe633/attachment.html 


More information about the keycloak-user mailing list