Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-2072

Allow to configure reauthentication timeout for clients in Keycloak Admin app

    XMLWordPrintable

Details

    • Feature Request
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • Backlog
    • None

    Description

      Add possibility to configure reauthentication timeout for clients in Keycloak admin GUI (for each client independently in client's settings). This will be used as default if no reauth is asked by client on protocol level.

      This is important feature to support long user SSO sessions (eg. weeks or even months)
      with reauthentication for important actions as known from many sites like Googlem LinkedIn, Github etc.

      This configuration option allows protecting Account and keycloak admin applications itself with reauthentication in this scheme, and also allows protecting other clients who can't be updated to force reauth on protocol layer.

      Attachments

        Issue Links

          blocks

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. RHD-949 Provide long login time-out for RHD website

          • Done
          is duplicated by

          Feature Request - Feature requests from customers and/or users KEYCLOAK-12405 Add support for default max age

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is incorporated by

          Feature Request - Feature requests from customers and/or users KEYCLOAK-2076 Support for long user sso sessions with reauthentication for important actions

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Feature Request - Feature requests from customers and/or users KEYCLOAK-2070 Support for reauthentication in openid-connect IdP endpoint

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              Unassigned Unassigned
              velias@redhat.com Vlastimil Eliáš
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: