[keycloak-user] refresh_token flow doesn't work with a standalone_ha setup

Soumya Mishra soumya.mishra at aktana.com
Tue Mar 13 15:10:39 EDT 2018


Anyone knows anything about this?

On Mon, Mar 12, 2018 at 1:06 PM, Soumya Mishra <soumya.mishra at aktana.com>
wrote:

>
> Hello All,
>
> I am facing a problem with running keycloak in standalone clustered mode
> (i.e, standalone-ha) mode. I have a set of 3 clusters and using a load
> balancer on top of it.
>
> I am able to login properly each time. But the refresh_token and
> offline_access token flow is not working properly because the load balancer
> is hitting different instances at different times. It only works when the
> load balancer hits the instance from which the token was generated.
>
> I compared various tokens generated by all the different instances and I
> see that iss, iat and jti values are different for each of the tokens. Is
> it a problem?
>
> Please let me know if anybody has any idea how this issue should be fixed
> or where I am doing wrong.
>
> Regards,
> Soumya
>
>
>
>
>


More information about the keycloak-user mailing list