spherulitic
commented
1 year ago https://www.keycloak.org/docs/latest/securing_apps/#_javascript_adapter
One thing to keep in mind is that the access token by default has a short life expiration so you may need to refresh the access token prior to sending the request. You can do this by the updateToken method. The updateToken method returns a promise which makes it easy to invoke the service only if the token was successfully refreshed and display an error to the user if it wasn’t. For example:
keycloak.updateToken(30).then(function() { loadData(); }).catch(function() { alert('Failed to refresh token'); });
After 10 minutes or so, the token expires and the user is logged out, or rather, all the back end calls die because the token's no good. This is probably solved with a setTimeout on the client side that pings Keycloak to get a new token every few minutes.