python (65.1k questions)

javascript (44.2k questions)

reactjs (22.7k questions)

java (20.8k questions)

c# (17.4k questions)

html (16.3k questions)

r (13.7k questions)

android (12.9k questions)

Questions - openid-connect

Token doesn't get refreshed when sending request with Ajax

I'm using IdentityServer4 as a centralized auth server. I have a mvc app that acts as a client and works as expected unless I open a modal. When the user presses the edit button,I load the data into t...
test-img

Tabris

ajax

asp.net-core

asp.net-mvc-5

identityserver4

openid-connect

Votes: 0

Answers: 2

Latest Answer

You can't call the authorize endpoint of IdentityServer in an API driven manner, or using a modal: The third party SSO cookie from IdentityServer is stored in the browser. It will be dropped during a...
test-img

Gary Archer

Keycloak implementing both user and app authentication in the same realm

I have a setup like this: Back-end REST API application - Single Instance running in Cloud Server - Let's call it as A Public Users` Mobile app & browser clients - Let's call them together as X ...
test-img

Manoj Kumar D7

keycloak

openid-connect

Votes: 0

Answers: 1

Latest Answer

As you are having both Public and On prem services as clients, I would suggest the following: As you said, X as public client shall use Password grant B should use Client Credentials mechanism to get...
test-img

Chetan Ahirrao

What is the role of the refresh token flow within the modern authentication/authorization space?

I am having some trouble grasping the role of the refresh token flow within modern SAML/OAuth/OIDC methods. I understand that authentication is about proving a user is who they say they are, while aut...
test-img

ByronPark

authentication

oauth-2.0

openid-connect

Votes: 0

Answers: 1

Latest Answer

When the user has authenticated and got the access token, it will expire after a pre-configured time (e.g. 10 minutes). But to keep the user signed in longer than the expiration time, a refresh token ...
test-img

Jonas

Sign out fails for Gitlab integrated with Keycloak OIDC

When logged into gitlab using the oauth2 provider keycloak and trying to log out, Gitlab redirects to the sign_in page, but doesn't end out session on Keycloak, so we are logged in again. These are th...
test-img

rakesh kotian

kubernetes

gitlab

single-sign-on

keycloak

openid-connect

Votes: 0

Answers: 1

Latest Answer

To be perfectly clear: the expectation is that you should be signed out of GitLabn, not necessarily keycloak altogether. This is happening correctly since you see the sign-in page after signing out. F...
test-img

sytech

Posts

Questions

Blogs

Jobs