[keycloak-user] Keycloak token expiration and user script

Haim Vana haimv at perfectomobile.com
Mon Jan 2 10:58:00 EST 2017


Hi,

Currently when user execute a script (e.g. using selenium) he generates offline token, our application (selenium server) generates access token for the user from the given offline token.

The problem is that the access token is expired after 5 minutes (default configuration of Access Token Lifespan in the realm settings).

If we increase the default value it means that the UI tokens will also be affected, and it might be less secure.

What's the best way you recommend to solve it ? should the application (our selenium server) refresh the token every 5 minutes until the script is finished ? or there is another option ? some kind of different token for that purpose ?


Thanks for your help and time,
Haim.
The information contained in this message is proprietary to the sender, protected from disclosure, and may be privileged. The information is intended to be conveyed only to the designated recipient(s) of the message. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, use, distribution or copying of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.


More information about the keycloak-user mailing list