[keycloak-user] API to evict user cache

[Shetty, Shweta]

Thanks for your response Pedro. Yes, the updating of the user is helping in evicting the user cache, just tested.

The reason we are resorting in this because: If we use the logout API of keycloak admin then Keycloak evicts the user from the cache in the same method that sets the `notBefore` field in the user. The setting of the 'notBefore'  makes the offline tokens STALE which in my assumption should have been done - since the assumption is offline tokens should still be valid if a user has logged out? Am I wrong here? We use offline tokens for background jobs and these fail. What is the best approach for such jobs then?

Shweta
________________________________
From: Pedro Igor Silva <psilva at redhat.com>
Sent: Friday, July 26, 2019 5:00 AM
To: Shetty, Shweta <Shweta.Shetty at Teradata.com>
Cc: keycloak-user at lists.jboss.org <keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] API to evict user cache

[External Email]
________________________________
If you mean a single entry in the cache no. But you can clear all entries in user cache (see admin console).

AFAIK, if you want to force a reload to a specific entry you could update some user info so that the entry is invalidated and eventually cached again.

On Thu, Jul 25, 2019 at 4:15 PM Shetty, Shweta <Shweta.Shetty at teradata.com<mailto:Shweta.Shetty at teradata.com>> wrote:
Is there an admin api to evict just a single user-cache ?

Shweta
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user