Menu
JBoss keycloak offers an admin url in the client settings, where you can react on logout push events or other events. Unfortunatly I cannot find any documentation about how to use this url? Can you give me a hint, if this is e.g. part of OpenID Spec or if a API Doc exists for this.
Especially I want to know how I can realise a client endpoint, which reacts on logout or revocation requests from the keycloak server.
Thanks Christian
244
Documentation in KC about the Admin URL: http://keycloak.github.io/docs/userguide/keycloak-server/html/applicationClustering.html#admin-url-configuration. Thanks Christian. openid.
To access the admin console, open http://localhost:8080/auth/admin/ in a browser. You will be redirected to the Keycloak login pages, where you can log in with the admin username and password you created in the previous section while installing Keycloak.
Backchannel logout endpoint implementation for Keycloak, which tries to logout the user from all sessions via POST with a valid LogoutToken.
AFAIK the use of the Admin URL is Keycloak specific, and not part of Open ID Connect or OAuth.
I suppose you'll need to take a look at the code, i.e. PreAuthActionsHandler#handleRequest handles URLs ending with k_logout and k_push_not_before.
The easiest way to handle these events is to use a Keycloak client adapter. The adapter (available for Jetty, Tomcat and others) will automatically handle this for you. Just specify any URL of your deployed application and the client adapter will do the rest.
153
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
