Backchannel logout #121
Comments
|
no there is no support for backchannel logout |
p53
added
complex
|
@p53 hi, I see it's in your plan to achieve this, just out of curiosity are you willing to close this one? |
|
gatekeeper doesn't maintain any user state, sessions (except for refresh tokens when redis store is enabled, but here purpose is different) it does use cookies for storing access/refresh tokens and it uses front channel logout mechanism because of that so not sure what you would like exactly achieve with gatekeeper and backchannel logout |
|
if you want to achieve one logout with several apps there is option for that https://gogatekeeper.github.io/gatekeeper/userguide/#session-logout |
|
@p53 hi, sorry for a long response. Maybe I thought that GK could listen to backchannel and initiate logout instantly, thus it's not checking user sessions by going to userinfo endpoint and thus there is less load to Kecyloak server. But since GK is mostly stateless app, than yeah, makes no sense. |
Hi, I try to get working backchannel logout Keycloak feature. But requests from Keycloak (POST requests) are blocked with status code 405 (method not allowed).
If I read the code right, there is no Oauth route for POST method for logout and due to this router blocks the request. So this feature is missing. Am I right?
Thanks.
The text was updated successfully, but these errors were encountered: