[keycloak-user] how to intercept/flow: VerificationException: Token is not active

java_os java at neposoft.com
Thu Dec 22 06:17:00 EST 2016


Forgot to mention that the angular piece is under keycloak.js and so this
may be able to expire the session before A or B 's token becomes inactive?
Overall am trying to see how others handle this , as I think this is a
regular web/rest scenario that I am not the only one doing it.
Hoping to get some help from whoever.
Thanks

> Hi
> I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
> web layer calling A -> B.
>
> What is the best practices to handle "Token is not active" when user sits
> in front idle and token becomes inactive, http session still valid but KC
> token expired? If B reaches token not active, on the call from A to B -
> how would I propagate this to the front layer?
> A has to consume the ValidationException from B and notify front layer to
> auto logout or prompt the user with a message saying 'your session
> expired, please login' or automatically throw the user into the login
> prompt in front.
>
> For this scenario above, anyone share some thoughts?
> Thanks
>




More information about the keycloak-user mailing list