Thursday, October 20, 2022

[FIXED] How to disable the SSO feature in the Keycloak

      ,      No comments   

Issue

I want to use Keycloak as an identity provider in our company.

I have defined one Realm with three clients (I have three applications and I have defined a client for each application)

I want to separate the process of login and logout for each application. For example when I login into app1 and app2 and app3, and then logout from app1, the app2 and app3 remain logged in.

In StackOverflow I found some solution to separate the login process for each application as follow:

 1. in admin console, go to Authentication
 2. make a copy of Browser flow
 3. in this new flow, disable or delete Cookie
 4. go to Clients -> (your client) -> Authentication Flow Overrides, change Browser Flow to your new flow, click Save."

How to force login per client with keycloak (¿best practice?)

But this solution is not working for making the logout process independent for each application(which means I want to disable the SSO feature in Keycloak). Is there any way to make it possible?


Solution

I would enable Direct Access Grants on the client level only (Standard Flow will be disabled), so applications will have to use direct grant flow. No IdP sessions in the user browser will be created in this case, so no SSO will be used.



Answered By - Jan Garaj
Answer Checked By - Mary Flores (PHPFixing Volunteer)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...