[keycloak-user] Forcing reauthentication from a client, even when session is active

Stian Thorgersen sthorger at redhat.com
Mon Mar 6 09:33:51 EST 2017


OIDC has prompt=login and max_age params for it. Pretty sure we don't
support either at the moment though.

On 6 March 2017 at 15:14, John D. Ament <john.d.ament at gmail.com> wrote:

> On Mon, Mar 6, 2017 at 9:12 AM John Dennis <jdennis at redhat.com> wrote:
>
> > On 03/06/2017 08:47 AM, John D. Ament wrote:
> > > Hi,
> > >
> > > I have a use case where I need to reauthenticate a client, even if
> their
> > > session is active.  I can use the Keycloak javascript adapter on the
> > client
> > > side, if needed, and was wondering if this is something built in?  I
> was
> > > also expecting to leverage either the OIDC or SAML adapter on the
> server
> > > side.  Can that work, regardless or server side adapter?
> >
> > In SAML you set ForceAuthn=True in the AuthnRequest.
> >
> >
> This is not SAML specific.
>
>
> >
> > --
> > John
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list