[keycloak-user] Keycloak token and refresh token

Emil Posmyk emil.posmyk at gmail.com
Wed Mar 11 16:45:20 EDT 2015


Hi all

I did some research about refreshing the tokens and now I know how to do
this, but more important question is how should I use it. For example: when
we have an object AccessTokenResponse then we can use token (String) or
refresh token (this is used also for logout), first will be active eg: 5
minuts, but refresh token will be active forever (there is no expiration
time if I understood correctly). But should I use refresh token to
authenticate application or maybe only token with expiration should be used
?

Other case is that I have a method for getting a map with access token. I
used for that refresh token to get it. This access token now should be used
as a new token and it is right way ?




*regards*
*--*

*Emil Posmyk*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150311/5e2870fb/attachment.html 


More information about the keycloak-user mailing list