[keycloak-user] Keycloak Google IDP Broken & won't be fixed!

Nick Powers sshscp at gmail.com
Thu Jul 25 13:29:17 EDT 2019


I ran into an issue with Google IDP & Keycloak, where offline access cannot
be requested and therefore refresh tokens cannot be received from Google.

I then started researching to see if this problem has been previously
identified and resolved.  Although I did find many people identifying
the problem who were looking for an answer in both this mailing list and in
the keycloak dev mailing list, there were no solutions in any of those
messages.  These questions spanned 4 years, and yet Google IDP remains
broken.

When the question is posed to the user group the messages are either not
answered at all or don't provide any solutions.  In the Keycloak dev
mailing list it is discussed but in general they are dismissed, along the
line of "Why would you need to use offline access?" dismissing it as a
useless feature.  This is a difficult answer to swallow if you need to use
Google offline access with Keycloak.  Especially when all it would take is
to add "access_type=offline" to the Google auth URL.  To be absolutely clear
the devs could easily fix this, they just don't want to.

So, if you have found this message, now or in the future, hoping to find a
way to obtain refresh tokens from Google using Keycloak all I can do is try
and spare you any more time wasted on this pursuit.  Keycloak does NOT
support offline access for Google IDP and therefore you cannot receive refresh
tokens from Google with Keycloak, and chances are that it will NEVER
support it.

I wish I was wrong but it doesn't appear that way.

Good Luck!

Nick

