Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-10734

Let the check-sso feature of the javascript adapter do the check in hidden iframe

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Let the check-sso feature of the javascript adapter do the check in hidden iframe to prevent that the sso check itself redirects the users browser from the application to the server and back to the application (and thus loading all the website resources twice on application initialization/startup).

      This feature request came up from Stian while discussing a PR for KEYCLOAK-6795 here: https://github.com/keycloak/keycloak/pull/5932

      The requested behaviour is also described in the OIDC Session Management Spec in section 4.1 (last paragraph): https://openid.net/specs/openid-connect-session-1_0.html#RPiframe

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                mitko Michal Hajas
                Reporter:
                dasniko Niko Köbler
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: