We have users who login as Keycloak users and also users who login as AD users (we have created a saml Indentity Provider in Keycloak).
When logging in as a Keycloak user, the user can check ‘remember me’. This enables the user to entirely close the browser and when they open the browser (and open the login page) the user is still logged in. I imagine a persistent cookie is used.
When logging in as an AD user, the user has to reenter their credentials after entirely closing the browser.
Is there a way that Keycloak can persist sessions for AD users who have logged in through AD through a saml Identity Provider which has been configured in Keycloak? I know that AD has a ‘Stay Signed In’ option in their authentication flow. What I’m asking is whether it is possible for Keycloak to persist a session so that the AD authentication flow doesn’t even have to be entered for users who have previously logged in.
cheers
Kenn