[keycloak-user] Disable Sticky Sessions?

Tomas Groth Christensen tgc at dma.dk
Fri Aug 11 03:00:45 EDT 2017


Wed, 09 08 2017 at 14:37 +0200, Marek Posolda wrote:
> On 09/08/17 10:13, Tomas Groth Christensen wrote:
> >
> > Hi,
> >
> > I am using keycloak as a broker where the user in a browser can choose
> > which identity provider to use for authentication and this works just
> > fine.
> >
> > We have also set up a "headless flow" where an application using the
> > kc_idp_hint can preselect a special identity provider which can
> > authenticate the user (with a special authenticator) without user
> > interaction. This used to work fine, but with Keycloak 3.2.x this
> > breaks, since now Keycloak requires cookies to be enabled. As far as I
> > can tell this is because the AUTH_SESSION_ID cookie used for "Sticky
> > sessions" is now a hard requirement.
> >
> > Is there a way to disable this hard requirement on cookies?
> Do I understand correctly that you're using browser flow from the
> non-browser applications?

Yes, that is correct. I know it is not the "right" way of doing things,
but until this hard dependency on cookies was introduced, it actually
worked without issues. And it will continue to work if we enable
cookies.


> ATM it's not possible to disable this.



That was what I feared - but thank you for your answer.

Best regards,
Tomas

