I set SSO Session Idle to 2 minutes and Access Token Lifespan to 1 minute, but if a user is idle for longer than 2 + 2 minutes, keycloak will not logout the user.
So I implement logic to update the token and if it fails user should be logged out, but it never happens, it seems that updateTokne update access token and also refresh token.
keycloak.keycloakEvents$
.subscribe((event) => {
if (event.type === KeycloakEventType.OnTokenExpired) {
console.log('OnTokenExpired');
keycloak.updateToken()
.then(function (refreshed) {
if (refreshed) {
console.log('Token was successfully refreshed');
} else {
console.log('Token is still valid');
}
})
.catch(function () {
auth.logout();
console.log('Failed to refresh the token, or the session has expired. Logout user.');
});
}
});
So my question is! How to logout a user if the user has exceeded the idle time?
Shouldn't this be done as part of a feature?
Versions.
Repro steps.
I set SSO Session Idle to 2 minutes and Access Token Lifespan to 1 minute, but if a user is idle for longer than 2 + 2 minutes, keycloak will not logout the user.
So I implement logic to update the token and if it fails user should be logged out, but it never happens, it seems that updateTokne update access token and also refresh token.
So my question is! How to logout a user if the user has exceeded the idle time? Shouldn't this be done as part of a feature?