Reputation: 3682
It is possible to invalidate the Keycloak SSO session when a user closes their browser/tab?
According to the docs I should be able to do this by setting the SSO Session Idle
and the SSO Session Max
to 0
.
When setting it to 0
though, I cannot save the settings. What am I misunderstanding here? And is it achievable to log the user out when she closes her browser/tab?
Upvotes: 1
Views: 2626
Reputation: 1912
Keycloak cannot terminate the server-side session on browser close, since it does not know that the browser has closed. But since your SSO cookie is a session cookie, your browser will remove the cookie on browser close. Without that cookie you will have to relogin when hooking up your browser again.
Just make sure you did not enable the "Remember Me" feature at Realm settings -> Login
.
However, there is no support for this when closing a tab, as far as I know.
Upvotes: 2