[keycloak-user] Keycloak Offline User Sessions and Online User Sessions
Nagendra Darla
dvv.nagendra at gmail.com
Fri Jun 7 16:16:52 EDT 2019
Hello Keycloak experts,
We have below challenges in out project where we are building User Access
Management using Keycloak.
1. *Offline User Sessions:* When a Offline token is used from two
different machines, There is only one Session that will be created and
session will have the IP address of the machine from where the User Session
is first created. Because of this we cannot suspect any suspicious activity
by hackers. Should n't we create different sessions even though same
offline token is used from different machines.
2. *Why there is no separate REST end point to get only Online User
Sessions: *Below REST end point returns all the User Sessions ie., both
Offline and Online User Sessions.
GET /{realm}/clients/{id}/user-sessions
You help is much appreciated !
Thank you,
Nagendra Darla
More information about the keycloak-user
mailing list