[keycloak-user] backchannel logout, Logout-all-sessions as user

Bill Burke bburke at redhat.com
Thu Jun 1 12:15:57 EDT 2017


backchannel logouts require authenticated and authorized requests.  So 
what's the problem?  don't understand


On 6/1/17 10:29 AM, Jan Bartosz wrote:
> Hi,
>
> My concern is about logging 'logout-all-sessions' action as a user. I see
> AdminEvent is raised in case admin invokes it.
> I assume it was done by purpose - is there some rule/specification behind,
> like "backchannel logouts shouldn't be exposed to the outside world"?
> Is there a way I can create some provider/broker/... maybe aspect, or
> extend some behaviour to catch this backchannel-logout?
>
> Many Thanks in advance!
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list