Petter

Reputation: 783

Get client session id from Keycloak access token

In reference to Keycloak's documentation for account linking, I need to fetch user session id and client session id from the access token.

However, I only find something they call session_state on the token, which apparently is the same as sessionId, judging by their JavaScript adapter source code.

I reckon that this is the user session id they are referring to? If so, where do I find this so-called client session id?

Upvotes: 1

Views: 17786

Answers (1)

Petter

Reputation: 783

Turned out it was the client id. So something like this should work:

Extract user session id and client session id ("aud" is the client id) from access token:

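const payload = accessToken.split('.')[1].replace(/-/g, '+').replace(/_/g, '/') // JWT segments are base64url; atob needs standard base64
const { session_state, aud } = JSON.parse(decodeURIComponent(escape(atob(payload))))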

Create base64 hash:

Base64.stringify(sha256(nonce + session_state + aud + 'facebookOrWhatever')) 

You also need to make the resulting base64-encoded hash URL-friendly (i.e. '+' and '/' are replaced with '-' and '_', and any trailing '=' characters are removed).

Upvotes: 5
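The steps in the answer above, put together as an added Node.js example (not code from the original post or from Keycloak): it decodes the base64url payload, picks the client id, and returns the URL-safe SHA-256 hash. Assumptions: the function names are hypothetical, the sample token is constructed, and the client id is read from `azp` when the token carries it, falling back to `aud` as in the answer (the fallback fails closed when `aud` is a list).

```javascript
const { createHash } = require('crypto');

// Decode the payload segment of a compact JWT. Segments are base64url, so map
// '-' and '_' back to '+' and '/' first. No signature check is done here: the
// claims are only inputs to a hash that the server recomputes on its side.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Assumption: prefer `azp` (authorized party) when present; otherwise use
// `aud` as the answer does, which must then be a single string.
function clientIdFromClaims(claims) {
  if (typeof claims.azp === 'string') return claims.azp;
  if (typeof claims.aud === 'string') return claims.aud;
  throw new Error('cannot determine client id: aud is missing or a list');
}

// Standard base64 -> URL-friendly form: '+' to '-', '/' to '_', strip '='.
function toBase64Url(buf) {
  return buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// hash = base64url(SHA-256(nonce + session_state + clientId + provider))
function accountLinkHash(accessToken, nonce, provider) {
  const claims = decodeJwtPayload(accessToken);
  if (typeof claims.session_state !== 'string') throw new Error('token has no session_state');
  const input = nonce + claims.session_state + clientIdFromClaims(claims) + provider;
  return toBase64Url(createHash('sha256').update(input, 'utf8').digest());
}

// Constructed sample token (unsigned, placeholder signature), for demonstration only.
function makeSampleToken(claims) {
  const seg = (o) => toBase64Url(Buffer.from(JSON.stringify(o), 'utf8'));
  return `${seg({ alg: 'none' })}.${seg(claims)}.sig`;
}

const sampleToken = makeSampleToken({
  session_state: 'b7f2c0de-0000-4000-8000-000000000001', // constructed value
  aud: 'my-client',                                      // constructed value
});
console.log(accountLinkHash(sampleToken, 'constructed-nonce', 'facebook'));
```

Generate the nonce with a cryptographically secure random source and use a fresh one for every link request.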
