Hi! I have already created and configured a realm, and created and configured one client per project, but my problems are:
I have two projects.
If I change project (e.g. from project #1 to project #2), I am not logged in automatically; I need to click on the “Login” button to redirect to Keycloak and then back to the site (without authenticating again). I found that I can log in automatically using an iframe which will do a silent auth. Is this the correct way? The frontend is rendered in the backend; it is not fully separated (it is a Django project).
Project #1 also uses project #2 via REST API, and when the webpage does an API call via AJAX, project #2 tries to redirect the AJAX request to the Keycloak authentication page. Is there any way to automatically detect that the user is logged in on project #1 and then log in to project #2 on the API without any redirect?
I’ve just found that the package I am using (Django REST framework) has an integration with Mozilla OIDC. I can perform API requests using an access token, but I need to save the access token client-side because the requests are performed in a static-generated page. I’m saving it in a cookie right now, but I don’t know if there is a better way to save the access token.
Of course I’ve configured the cookie to be in the same domain, Secure and SameSite strict, but I can’t use HttpOnly because I need to access the value via JavaScript and the API server has CORS configured.
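
Added example, not part of the original post: a browser-side sketch of the setup described above, reading the access token from the JavaScript-readable cookie, sending it as a bearer header on the cross-origin API call, and treating a redirect or 401 as "log in again" instead of following it to the Keycloak page. The cookie name `oidc_access_token` is a hypothetical placeholder, and the token is assumed to be a JWT carrying an `exp` claim.

```javascript
// Added example. The cookie name is a hypothetical placeholder.
const TOKEN_COOKIE = "oidc_access_token";

// Extract one cookie value from a document.cookie-style string.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(";")) {
    const idx = part.indexOf("=");
    if (idx === -1) continue;
    if (part.slice(0, idx).trim() === name) {
      return decodeURIComponent(part.slice(idx + 1).trim());
    }
  }
  return null;
}

// Read the `exp` claim (seconds since epoch) WITHOUT verifying the signature.
// Client-side freshness hint only; the API must still validate the token.
function tokenExpiry(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) return null;
  try {
    const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
    const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
    const exp = JSON.parse(atob(padded)).exp;
    return typeof exp === "number" ? exp : null;
  } catch (e) {
    return null; // malformed token: treat as unusable
  }
}

// Build fetch() options for the API call, or null when a fresh login is needed.
function buildApiRequest(cookieString, nowSeconds) {
  const token = readCookie(cookieString, TOKEN_COOKIE);
  if (!token) return null;
  const exp = tokenExpiry(token);
  if (exp === null || exp <= nowSeconds) return null;
  return {
    method: "GET",
    credentials: "omit", // the bearer header authenticates; send no cookies cross-origin
    redirect: "manual",  // never follow a redirect to the login page from AJAX
    headers: { Authorization: `Bearer ${token}`, Accept: "application/json" },
  };
}

// Decide what the page should do with the API response.
function classifyResponse(res) {
  const redirected = res.type === "opaqueredirect" || (res.status >= 300 && res.status < 400);
  if (redirected || res.status === 401) return "reauth";
  return res.status >= 200 && res.status < 300 ? "ok" : "error";
}
```

In a page this would be called as `buildApiRequest(document.cookie, Math.floor(Date.now() / 1000))`, with the result passed to `fetch()`.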