Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-1364

[GHI#28429] Add details to error messages, especially around refresh tokens

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      Description

      When Keycloak logs errors about refreshing tokens, the logged information misses some details:

      • The error code is set, but the details (as submitted to the client) are missing, which could provide details on what is actually happening. So the caller has more information at hand than the admin looking at the logs.
      • The logs miss the session ID. We have it in multiple other places (actually in every token that we hand out), but not in the logs. This would allow tracking all events that happen for this session.

      Discussion

      https://github.com/keycloak/keycloak/issues/14040#issuecomment-2034148155

      Motivation

      Provide means to analyze REFRESH_TOKEN_ERROR causes by looking at the logs.

      Details

      I'll provide a PR

              Unassigned Unassigned
              pvlha Pavel Vlha
              Keycloak Core IAM
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: