As I understand, SSO Session Idle is resetted for every access token refresh using oauth code grant flow.
How does the SSO Session Idle behave if the user authenticates with oauth implicit flow? I wonder since the “Access Token Lifespan For Implicit Flow” is most likely set to a much higher value than the “SSO Session Idle”, which would result in a valid access token for a client and an expired Keycloak session.
Thanks for your insights, Christian.