Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Reuse of session_code for loginAction
62 views
Skip to first unread message
Francis Augusto Medeiros
Apr 11, 2025, 6:33:54 AMApr 11
to Keycloak User
Hi,
When using the «action()» method of my custom authenticator, it seems that, when returning the same form (for example when the user needs to retry the credentials), the url for a loginAction is changed with a new session_code.
This works fine for static forms where the user needs to manually provide a new credential. But in situations where I need to poll the server (such as to verify if the user has performed and out-of-band approval) it is prone to problems as, when using mobile phones, the polling call might freeze when swiping back and forth from the browser to the authenticator app.
My question is: is that a way to send the url related to the loginAction with the same session_code? This would make my code more robust because if one HTTP call fails, the next one won’t need the previous session_code to keep on polling.
Best,
Francis
When using the «action()» method of my custom authenticator, it seems that, when returning the same form (for example when the user needs to retry the credentials), the url for a loginAction is changed with a new session_code.
This works fine for static forms where the user needs to manually provide a new credential. But in situations where I need to poll the server (such as to verify if the user has performed and out-of-band approval) it is prone to problems as, when using mobile phones, the polling call might freeze when swiping back and forth from the browser to the authenticator app.
My question is: is that a way to send the url related to the loginAction with the same session_code? This would make my code more robust because if one HTTP call fails, the next one won’t need the previous session_code to keep on polling.
Best,
Francis
Reply all
Reply to author
Forward
0 new messages