[keycloak-user] Different token timeouts for clients under the same realm

Stian Thorgersen sthorger at redhat.com
Wed Sep 16 03:52:41 EDT 2015


It's pretty easy to build dev version of Keycloak, see
https://github.com/keycloak/keycloak/blob/master/misc/HackingOnKeycloak.md
for more details

1.6 should be available around 9th October, not sure when offline tokens
will be ready in developer version.

On 15 September 2015 at 20:12, robinfernandes . <robin1233 at gmail.com> wrote:

> Hi Marek,
>
> The offline token for particular clients fits our use case perfectly.
> So is there a way that I can have access to the current developer's
> version of Keycloak like an alpha/beta version of the 1.6 release with the
> "Offline tokens" when it is implemented?
> Also is there a roadmap for the 1.6 release as of yet?
>
> Thanks,
> Robin
>
> On Wed, Sep 2, 2015 at 1:29 AM, Marek Posolda <mposolda at redhat.com> wrote:
>
>> I am thinking about enable/disable offline tokens per client. So in admin
>> console in "Client settings" tab there will be on/off switch "Enable
>> offline tokens" and you will be able to request offline token for
>> particular client just if switch is enabled. Offline token won't never
>> timeout, so there won't be any new option in realm timeout settings though.
>>
>> Marek
>>
>>
>> On 01/09/15 16:39, robinfernandes . wrote:
>>
>> Thank you so much for that information.
>> So would these offline tokens be at the realm level as well as currently
>> all token settings are at the realm level?
>> Is there a roadmap for the 1.6 release?
>>
>> Thanks,
>> Robin
>>
>> On Mon, Aug 31, 2015 at 7:27 AM, Stian Thorgersen <stian at redhat.com>
>> wrote:
>>
>>> Sounds like what you might want are offline tokens. They will allow
>>> clients to get a permanent token, which can be revoked by a user or admin,
>>> but doesn't expire. These should be added to 1.6 release.
>>>
>>> ----- Original Message -----
>>> > From: "robinfernandes ." < <robin1233 at gmail.com>robin1233 at gmail.com>
>>> > To: keycloak-user at lists.jboss.org
>>> > Sent: Friday, 28 August, 2015 12:32:07 PM
>>> > Subject: [keycloak-user] Different token timeouts for clients under
>>> the same  realm
>>> >
>>> > Hi All,
>>> >
>>> > Is there a possibility where we can set different token timeouts for
>>> clients
>>> > under the same realm?
>>> >
>>> > The use case why we are trying to achieve this is basically we have 2
>>> > applications which require 2 different timeout settings.
>>> > We want the web client timeouts to be short since there would be human
>>> > intervention there always, however we want our Agent timeouts to be
>>> very
>>> > large since there might not be anyone to log into it again.
>>> >
>>> > Using Keycloak we have seen that the timeout settings can be applied
>>> only at
>>> > the realm level though, which forces us to have each application in a
>>> > different realm.
>>> >
>>> > Can we have the timeout settings at the client(application) level
>>> rather than
>>> > the realm level so that we can put both the applications in the same
>>> realm?
>>> >
>>> > Thanks & Regards,
>>> > Robin
>>> >
>>> > _______________________________________________
>>> > keycloak-user mailing list
>>> > keycloak-user at lists.jboss.org
>>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150916/d79dcebe/attachment.html 


More information about the keycloak-user mailing list