I’m just starting out in my keycloak journey but I found something that looked very dubious to me. I create a client for my realm, users etc and tested this authorised my app ok - which it did just fine. Let’s say my client id was called OLD_NAME I then changed the id to NEW_NAME in Keycloak admin and tried again. I was able to login by passing a client_id of either OLD_NAME or NEW_NAME. I did not expect that, surely if I changed the Client Id, then old id should no longer work correctly ? Does Keycloak do some sort of caching of Client IDs?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Change client id on angular app without logout/login | 0 | 689 | September 29, 2021 | |
| User ID changed after migrating from KC 17 to KC21 | 1 | 106 | June 19, 2024 | |
| Broken installation after domain change | 2 | 516 | March 1, 2021 | |
| Change user id in keycloack | 0 | 602 | May 20, 2022 | |
| How can I set Keycloak user id as static? | 0 | 434 | June 23, 2022 |