[keycloak-user] Notifying clients after session creation in Keycloak

Daniel Radzikowski dradzikowski at bluesoft.net.pl
Fri Feb 10 04:25:22 EST 2017


Hi,

I'm working on custom SSO, which uses Direct Grant API to store sessions in
Keycloak. The SSO creates own cookie and data related to it and then
creates session in Keycloak calling /protocol/openid-connect/token, hiding
returned tokens behind the cookie. I'm aware that solution isn't the best
one, but that's not the case now.

​What I need now is ​to provide OpenID Connect Authorization Code Flow to
external clients of my custom SSO. The easiest solution would be if they
called Keycloak directly, but then the session in custom SSO is not created
and the Keycloak session in not related to the user data stored in custom
SSO.

The question is if there is any way to notify clients (custom SSO) after
successful session creation in Keycloak? It would need to call the custom
SSO with the contents of /protocol/openid-connect/token response, allowing
the custom SSO to store tokens behind the cookie. What if I implemented
such a feature and merged it to Keycloak?

-- 
Pozdrawiam,
Daniel Radzikowski.


More information about the keycloak-user mailing list