[keycloak-user] Keycloak token expiration and user script

Stian Thorgersen sthorger at redhat.com
Tue Jan 3 00:41:49 EST 2017


Refresh. We may in the future introduce an option to have different
expiration for different clients, but that's not on the immediate roadmap.

On 2 January 2017 at 16:58, Haim Vana <haimv at perfectomobile.com> wrote:

> Hi,
>
> Currently when user execute a script (e.g. using selenium) he generates
> offline token, our application (selenium server) generates access token for
> the user from the given offline token.
>
> The problem is that the access token is expired after 5 minutes (default
> configuration of Access Token Lifespan in the realm settings).
>
> If we increase the default value it means that the UI tokens will also be
> affected, and it might be less secure.
>
> What's the best way you recommend to solve it ? should the application
> (our selenium server) refresh the token every 5 minutes until the script is
> finished ? or there is another option ? some kind of different token for
> that purpose ?
>
>
> Thanks for your help and time,
> Haim.
> The information contained in this message is proprietary to the sender,
> protected from disclosure, and may be privileged. The information is
> intended to be conveyed only to the designated recipient(s) of the message.
> If the reader of this message is not the intended recipient, you are hereby
> notified that any dissemination, use, distribution or copying of this
> communication is strictly prohibited and may be unlawful. If you have
> received this communication in error, please notify us immediately by
> replying to the message and deleting it from your computer. Thank you.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list