[keycloak-user] Disable Sticky Sessions?
Marek Posolda
mposolda at redhat.com
Wed Aug 9 08:37:14 EDT 2017
On 09/08/17 10:13, Tomas Groth Christensen wrote:
> Hi,
>
> I am using keycloak as a broker where the user in a browser can choose
> which identity provider to use for authentication and this works just
> fine.
>
> We have also set up a "headless flow" where an application using the
> kc_idp_hint can preselect a special identity provider which can
> authenticate the user (with a special authenticator) without user
> interaction. This used to work fine, but with Keycloak 3.2.x this
> breaks, since now Keycloak requires cookies to be enabled. As far as I
> can tell this is because the AUTH_SESSION_ID cookie used for "Sticky
> sessions" is now a hard requirement.
>
> Is there a way to disable this hard requirement on cookies?
Am I understand correctly that you're using browser flow from the
non-browser applications?
ATM it's not possible to disable this.
Marek
>
> I know that enabling cookies will fix this for the application, but my
> problem is that there is multiple implementation of this application,
> and I don't control any of them.
>
> Best regards,
> Tomas
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list