Chapter 12: Managing Tokens and Sessions

In addition to acting as a centralized authentication and authorization service, Keycloak is, at its core, a session and token management system.

As part of the authentication process, Keycloak may create server-side sessions and correlate them with tokens. By relying on these sessions, Keycloak is able to keep the state of the authentication context where sessions originated, track users' and clients' activity, check the validity of tokens, and decide when users and clients should re-authenticate.

In this chapter, we are going to look at how Keycloak allows you to manage tokens and their underlying sessions, as well as understanding the different aspects that you should be aware of when doing so. For ...

Get Keycloak - Identity and Access Management for Modern Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Keycloak - Identity and Access Management for Modern Applications by Stian Thorgersen, Pedro Igor Silva

Chapter 12: Managing Tokens and Sessions

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly