Hello,
Is there any way I can correlate an OIDC session established by a RP with its parent SSO session? I am looking to incorporate session management for a user in my application.
Thank you!
The Access-/ID-Tokens can be used as a session replacement, so your app could be completely stateless and rely on the tokens as “the session”. Tokens have a lifetime, can be refreshed and if you need some kind of session id, there’s the sid claim, which is Keycloak’s session id.