[keycloak-user] Revoking individual refresh tokens
Bill Burke
bburke at redhat.com
Tue Jun 7 15:46:08 EDT 2016
Yes you can. IN the admin console, go to the individual user and go to
the sessions tab. You can then view each session the user has. This
action has a REST api behind it.
http://keycloak.github.io/docs/rest-api/index.html
REST api allows you to get list of sessions for the user, logout all
sessions for the user, and to remove an individual session.
On 6/7/16 3:22 PM, Peter Nalyvayko wrote:
> Hello,
> Is there a way to revoke/invalidate a refresh token issued to a
> specific user? My understanding is that I can revoke all of the
> previously issued refresh tokens using 'Revocation' and setting Not
> Before to Now; this is good but it would be great if I can revoke
> individual tokens as well.
> Thx
> --Peter
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160607/7bbb0796/attachment.html
More information about the keycloak-user
mailing list