Bug
Resolution: Done
Before reporting an issue
[x] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
authentication
Describe the bug
Issue Description:
We encountered an issue in Keycloak 26.1.4 where users cannot immediately reauthenticate after deleting their account when using Google (or another external identity provider). The error message indicates a duplicate key violation in the database.
Version
26.1.4
Regression
[ ] The issue is a regression
Expected behavior
🔍 Expected Behavior:
The user should be able to reauthenticate successfully as if they are logging in for the first time.
Actual behavior
The following error occurs:
Caused by: org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "constraint_offl_us_ses_pk2"
Detail: Key (user_session_id, offline_flag)=(4eb36d91-6d49-442f-8fad-9be63896d89b, 0) already exists.
How to Reproduce?
🔄 Steps to Reproduce:
1. Configure authentication via Google (or another external provider).
2. Navigate to Authentication → Required Actions and enable "Delete Account".
3. Go to Realm Settings → User Registration → Default Roles, add the "Delete Account" role.
4. Log in with Google, then delete the account through the UI.
5. Immediately attempt to log in again with Google.
6. The following error occurs:
Caused by: org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "constraint_offl_us_ses_pk2"
Detail: Key (user_session_id, offline_flag)=(4eb36d91-6d49-442f-8fad-9be63896d89b, 0) already exists.
Anything else?
Keycloak Version: 26.1.4
Database: PostgreSQL
⚠ Important Note:
The issue resolves itself after approximately 5 minutes, allowing the user to log in successfully again. However, the immediate failure creates a poor user experience and may indicate an underlying issue with session or user data cleanup.
❓ Possible Cause:
It seems that after account deletion, some session-related data (e.g., user_session_id) is not fully removed from the database. When the user tries to log in again immediately, Keycloak attempts to reuse an existing session, resulting in a constraint violation in offline_user_session.
We would appreciate any insights or a potential fix for this issue! 🙏
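The possible cause described in the report, modelled as an added example (not Keycloak code and not part of the original report): a constructed SQLite stand-in for the composite key named in the error message, showing that a session row left behind by account deletion makes a later insert with the same (user_session_id, offline_flag) fail, together with a query that lists such orphaned rows. The user_entity table, the user_id and last_session_refresh columns, the sample ids, and the reuse of the old session id on re-login are assumptions.

```python
import sqlite3

# Constructed, minimal stand-in schema. Only user_session_id and offline_flag
# come from the error message; every other name here is an assumption.
SCHEMA = """
CREATE TABLE user_entity (id TEXT PRIMARY KEY, username TEXT);
CREATE TABLE offline_user_session (
    user_session_id      TEXT NOT NULL,
    user_id              TEXT NOT NULL,
    offline_flag         TEXT NOT NULL,
    last_session_refresh INTEGER NOT NULL,
    PRIMARY KEY (user_session_id, offline_flag)  -- mirrors constraint_offl_us_ses_pk2
);
"""

# Session rows whose owning user no longer exists.
ORPHANS = """
SELECT s.user_session_id, s.offline_flag, s.user_id
FROM offline_user_session s
LEFT JOIN user_entity u ON u.id = s.user_id
WHERE u.id IS NULL
ORDER BY s.last_session_refresh
"""

def build_db():
    """In-memory database with one user and one persisted session (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO user_entity VALUES ('u-1', 'alice')")
    db.execute("INSERT INTO offline_user_session VALUES ('sess-A', 'u-1', '0', 1000)")
    return db

def delete_account(db, user_id, purge_sessions):
    """Delete the user row; optionally remove the user's session rows first."""
    if purge_sessions:
        db.execute("DELETE FROM offline_user_session WHERE user_id = ?", (user_id,))
    db.execute("DELETE FROM user_entity WHERE id = ?", (user_id,))

def relogin(db, session_id, new_user_id):
    """Re-create the user and persist a session under the reused session id."""
    db.execute("INSERT INTO user_entity VALUES (?, 'alice')", (new_user_id,))
    try:
        db.execute("INSERT INTO offline_user_session VALUES (?, ?, '0', 2000)",
                   (session_id, new_user_id))
        return "ok"
    except sqlite3.IntegrityError:
        return "duplicate key"

def orphaned_sessions(db):
    return db.execute(ORPHANS).fetchall()
```

Against a real deployment, the same LEFT JOIN shape can be adapted to list session rows that outlive their user, after checking the actual table and column names for the installed version.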