[keycloak-user] Disable Sticky Sessions?
Tomas Groth Christensen
tgc at dma.dk
Wed Aug 9 04:13:18 EDT 2017
Hi,
I am using keycloak as a broker where the user in a browser can choose
which identity provider to use for authentication and this works just
fine.
We have also set up a "headless flow" where an application using the
kc_idp_hint can preselect a special identity provider which can
authenticate the user (with a special authenticator) without user
interaction. This used to work fine, but with Keycloak 3.2.x this
breaks, since now Keycloak requires cookies to be enabled. As far as I
can tell this is because the AUTH_SESSION_ID cookie used for "Sticky
sessions" is now a hard requirement.
Is there a way to disable this hard requirement on cookies?
I know that enabling cookies will fix this for the application, but my
problem is that there is multiple implementation of this application,
and I don't control any of them.
Best regards,
Tomas
More information about the keycloak-user
mailing list