Actual SSO session after action token processing (i.e. verify email)

ArchibaldArt · October 27, 2020, 3:19pm

Hi, everybody!

I would like to have an established SSO session in browser after action token processed.
But I’ve found that if action token link executed in ‘clean’ browser (where no Keycloak cookies set before) no active SSO session remains after action token processing finished.

Flow example:

Register new user in Browser 1
Execute Verify email link in Browser 2
This way, Browser 2 successfully verified email, but after that, client can’t fetch tokens using SSO (I am using JavaScript Adapter) and have to explicitly reauthenticate.

If steps 1 and 2 executed in one Browser, all is going ok. But this is not our case, because in fact we execute Step 1 through Admin REST API and Client opens verify email link in ‘clean’ browser.

Will be glad to take any advice how to reach that in the right way (we already customized different SPIs, so coding approach suits us well).

Topic		Replies	Views
Use cases for Action Tokens vs Authenticator's actionURL Getting advice authentication	0	800	May 2, 2021
Authentication Flow Override - forcing execution step for some clients Getting advice	0	462	December 27, 2021
Logging a user in directly from an ActionToken Extending the server authentication	8	6015	July 19, 2022
Invalidate ExecuteActionsActionToken when new one is issued Getting advice	1	187	November 15, 2023
Having Authentication Token and Login Credentials, How we can automatically login user or how to generate a login-actions/authenticate url Tips and tricks adapter-javascript , oidc	13	5159	May 17, 2022

Actual SSO session after action token processing (i.e. verify email)

Related Topics