[keycloak-user] Backchannel logout for multiple webapps using a single opendid-connect client

Sebastien Blanc sblanc at redhat.com
Tue Apr 2 05:43:04 EDT 2019


No, it's using the admin URL. But don't you have the same issue with your
redirect URL if you are using just one client for 100 apps ?
To avoid too much configuration and still create one client per webapp you
could take a look at the Client Registration service (
https://www.keycloak.org/docs/latest/securing_apps/index.html#_client_registration)
where client can registers them self.

On Thu, Mar 28, 2019 at 2:48 PM Michael Kebe <Michael.Kebe at hkm.de> wrote:

> Hi mailinglist,
>
> is it possible to get backchannel logout working with a single
> openid-connect client, which is used by multiple webapps?
>
> To get backchannel logout working for a single webapp I had to set the
> Admin URL to a specific URL of one webapp.
>
> I expected that Keycloak stores from where the session is initiated and
> knows where the backchannel logout has to be sent to.
>
> I could create for each webapp a specific client and set the Admin URL
> accordingly, but that is too much configuration work for over 100 webapps.
>
> Do I misunderstand the public Access Type?
>
> Michael
>
>
>
> Hüttenwerke Krupp Mannesmann GmbH, Ehinger Str. 200, D-47259 Duisburg
> Geschäftsführung: Dr. Herbert Eichelkraut, Dr. Gerhard Erdmann, Carsten
> Laakmann
> Vorsitzender des Aufsichtsrats: Prof. Dr.-Ing. Heinz Jörg Fuhrmann
> Sitz der Gesellschaft: Duisburg
> Eintragung im Handelsregister: Amtsgericht Duisburg HRB 4716
> http://www.hkm.de
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list