[keycloak-user] Same user with multiple sessions/tokens?

rafterjiang rafterjiang at hotmail.com
Thu Jun 1 11:01:45 EDT 2017


Hello,

I am using Keycloak openID endpoint to retrieve access token from keycloak
server using Direct Access Grant mode. I found each time a NEW request is
made using SAME user account/credential, Keycloak returns a *NEW *access
token. (So I can see the same user with multiple sessions)

In this way, I am not sure if a refresh token is still needed, because we
can basically get a new token for each request and NOT care about the
expiration?

Is this expected? Is same user supposed to have many access tokens? Is there
any potential issues to work in this way?

thanks,
R



--
View this message in context: http://keycloak-user.88327.x6.nabble.com/Same-user-with-multiple-sessions-tokens-tp3937.html
Sent from the keycloak-user mailing list archive at Nabble.com.


More information about the keycloak-user mailing list