[keycloak-user] Forcing reauthentication from a client, even when session is active
Bill Burke
bburke at redhat.com
Mon Mar 6 09:41:38 EST 2017
We support prompt=login.
On 3/6/17 9:33 AM, Stian Thorgersen wrote:
> OIDC has prompt=login and max_age params for it. Pretty sure we don't
> support either at the moment though.
>
> On 6 March 2017 at 15:14, John D. Ament <john.d.ament at gmail.com> wrote:
>
>> On Mon, Mar 6, 2017 at 9:12 AM John Dennis <jdennis at redhat.com> wrote:
>>
>>> On 03/06/2017 08:47 AM, John D. Ament wrote:
>>>> Hi,
>>>>
>>>> I have a use case where I need to reauthenticate a client, even if
>> their
>>>> session is active. I can use the Keycloak javascript adapter on the
>>> client
>>>> side, if needed, and was wondering if this is something built in? I
>> was
>>>> also expecting to leverage either the OIDC or SAML adapter on the
>> server
>>>> side. Can that work, regardless or server side adapter?
>>> In SAML you set ForceAuthn=True in the AuthnRequest.
>>>
>>>
>> This is not SAML specific.
>>
>>
>>> --
>>> John
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list