libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions

KEYCLOAK-2028 : Docs for new adapter option minimum-token-time-to-live

Browse source
This commit is contained in:
mposolda 2016-06-09 19:38:33 +02:00
parent fba771b1e3
commit 080bdd318c
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
topics/oidc/java/java-adapter-config.adoc
View file

@ -31,7 +31,8 @@ This is what one might look like:
"truststore-password" : "geheim",
"client-keystore" : "path/to/client-keystore.jks",
"client-keystore-password" : "geheim",
"client-key-password" : "geheim"
"client-key-password" : "geheim",
"token-minimum-time-to-live" : 10
}
----
@ -190,3 +191,9 @@ principal-attribute::
turn-off-change-session-id-on-login::
The session id is changed by default on a successful login on some platforms to plug a security attack vector. Change this to true if you want to turn this off This is _OPTIONAL_.
The default value is _false_.
token-minimum-time-to-live::
Amount of time, in seconds, to preemptively refresh an active access token with the {{book.project.name}} server before it expires.
This is especially useful when the access token is sent to another REST client where it could expire before being evaluated.
This value should never exceed the realm's access token lifespan.
This is _OPTIONAL_. The default value is `0` seconds, so adapter will refresh access token just if it's expired.