[keycloak-user] Different token timeouts for clients under the same realm

Marek Posolda mposolda at redhat.com
Wed Sep 16 04:30:11 EDT 2015 

On 16/09/15 09:52, Stian Thorgersen wrote:
> It's pretty easy to build dev version of Keycloak, see 
> https://github.com/keycloak/keycloak/blob/master/misc/HackingOnKeycloak.md 
> for more details
>
> 1.6 should be available around 9th October, not sure when offline 
> tokens will be ready in developer version.
I should have something this week and doing more polishing (including 
example application etc) next week. You can monitor the keycloak-dev ML 
when I will post some update.

Marek
>
> On 15 September 2015 at 20:12, robinfernandes . <robin1233 at gmail.com 
> <mailto:robin1233 at gmail.com>> wrote:
>
>     Hi Marek,
>
>     The offline token for particular clients fits our use case perfectly.
>     So is there a way that I can have access to the current
>     developer's version of Keycloak like an alpha/beta version of the
>     1.6 release with the "Offline tokens" when it is implemented?
>     Also is there a roadmap for the 1.6 release as of yet?
>
>     Thanks,
>     Robin
>
>     On Wed, Sep 2, 2015 at 1:29 AM, Marek Posolda <mposolda at redhat.com
>     <mailto:mposolda at redhat.com>> wrote:
>
>         I am thinking about enable/disable offline tokens per client.
>         So in admin console in "Client settings" tab there will be
>         on/off switch "Enable offline tokens" and you will be able to
>         request offline token for particular client just if switch is
>         enabled. Offline token won't never timeout, so there won't be
>         any new option in realm timeout settings though.
>
>         Marek
>
>
>         On 01/09/15 16:39, robinfernandes . wrote:
>>         Thank you so much for that information.
>>         So would these offline tokens be at the realm level as well
>>         as currently all token settings are at the realm level?
>>         Is there a roadmap for the 1.6 release?
>>
>>         Thanks,
>>         Robin
>>
>>         On Mon, Aug 31, 2015 at 7:27 AM, Stian Thorgersen
>>         <stian at redhat.com <mailto:stian at redhat.com>> wrote:
>>
>>             Sounds like what you might want are offline tokens. They
>>             will allow clients to get a permanent token, which can be
>>             revoked by a user or admin, but doesn't expire. These
>>             should be added to 1.6 release.
>>
>>             ----- Original Message -----
>>             > From: "robinfernandes ." <robin1233 at gmail.com
>>             <mailto:robin1233 at gmail.com>>
>>             > To: keycloak-user at lists.jboss.org
>>             <mailto:keycloak-user at lists.jboss.org>
>>             > Sent: Friday, 28 August, 2015 12:32:07 PM
>>             > Subject: [keycloak-user] Different token timeouts for
>>             clients under the same  realm
>>             >
>>             > Hi All,
>>             >
>>             > Is there a possibility where we can set different token
>>             timeouts for clients
>>             > under the same realm?
>>             >
>>             > The use case why we are trying to achieve this is
>>             basically we have 2
>>             > applications which require 2 different timeout settings.
>>             > We want the web client timeouts to be short since there
>>             would be human
>>             > intervention there always, however we want our Agent
>>             timeouts to be very
>>             > large since there might not be anyone to log into it again.
>>             >
>>             > Using Keycloak we have seen that the timeout settings
>>             can be applied only at
>>             > the realm level though, which forces us to have each
>>             application in a
>>             > different realm.
>>             >
>>             > Can we have the timeout settings at the
>>             client(application) level rather than
>>             > the realm level so that we can put both the
>>             applications in the same realm?
>>             >
>>             > Thanks & Regards,
>>             > Robin
>>             >
>>             > _______________________________________________
>>             > keycloak-user mailing list
>>             > keycloak-user at lists.jboss.org
>>             <mailto:keycloak-user at lists.jboss.org>
>>             > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>>
>>         _______________________________________________
>>         keycloak-user mailing list
>>         keycloak-user at lists.jboss.org
>>         <mailto:keycloak-user at lists.jboss.org>
>>         https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150916/6bbcfa3b/attachment-0001.html

More information about the keycloak-user mailing list