  1. Red Hat Internal Developer Platform
  2. RHIDP-4684

[Docs] Update Keycloak configuration instructions to improve performance and security


      Description of problem:

      After investigating in this issue, it was discovered that when configuring Keycloak with RHDH, we need to:

      1. Set the Access Token Lifespan to >5 min (ideally 10 or 15 minutes) to fix the performance issue (unnecessary refresh token request sent for every API call).
      2. Enable the Revoke Refresh Token option to improve security so that the refresh token rotation strategy can be used.

      The current instructions to set up the Keycloak instance as seen here should include these additional recommendations.

      Additional info (Such as Logs, Screenshots, etc):

              ffloreth@redhat.com Fabrice Flore-Thébault
              rh-ee-jhe Jessica He
              RHIDP - Documentation
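
A check for the two settings named in the description, as an added example that is not from the issue or the RHDH documentation: it audits a Keycloak realm export (JSON) through the realm representation fields `accessTokenLifespan` (seconds), `revokeRefreshToken` and `refreshTokenMaxReuse`. The realm name and sample values are constructed, and the `refreshTokenMaxReuse` check is an addition beyond what the issue asks for.

```python
import json

# Constructed sample: fragment of a Keycloak realm export (illustrative values).
SAMPLE_REALM = json.loads("""
{
  "realm": "rhdh-example",
  "accessTokenLifespan": 300,
  "revokeRefreshToken": false,
  "refreshTokenMaxReuse": 0
}
""")

# The issue asks for an Access Token Lifespan above 5 minutes (ideally 10 or 15).
MIN_ACCESS_TOKEN_LIFESPAN = 300  # seconds


def audit_realm(realm: dict) -> list[str]:
    """Return one finding per setting that does not match the issue's advice."""
    findings = []

    lifespan = realm.get("accessTokenLifespan")
    if isinstance(lifespan, bool) or not isinstance(lifespan, int):
        findings.append("accessTokenLifespan is missing or not an integer")
    elif lifespan <= MIN_ACCESS_TOKEN_LIFESPAN:
        findings.append(
            f"accessTokenLifespan is {lifespan}s; set it above 300s (600-900s)"
        )

    if realm.get("revokeRefreshToken") is not True:
        findings.append("revokeRefreshToken is off; refresh tokens are not rotated")
    elif realm.get("refreshTokenMaxReuse", 0) != 0:
        # Added check (assumption of this example): with rotation enabled,
        # a reuse count above 0 lets an already-used refresh token work again.
        findings.append("refreshTokenMaxReuse is above 0; rotated tokens stay usable")

    return findings


def audit_file(path: str) -> list[str]:
    """Audit a realm export file, e.g. one produced by a partial export."""
    with open(path, encoding="utf-8") as fh:
        return audit_realm(json.load(fh))


if __name__ == "__main__":
    for finding in audit_realm(SAMPLE_REALM) or ["realm matches the recommendations"]:
        print(finding)
```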