Javascript adapter token storage

Hi there,
Can anyone tell me where the javascript adapter stores the access_token and refresh_token on authentication with authorization flow (standard)? We are trying to evaluate the adapters suitability for our project.

Many thanks in advance

The base64 encoded token that can be sent in the Authorization header in requests to services.

The parsed token as a JavaScript object.

The base64 encoded ID token.

The parsed id token as a JavaScript object.

The base64 encoded refresh token that can be used to retrieve a new token.

The parsed refresh token as a JavaScript object.

So, once you initialize the Keycloak object and the user has logged in, the access token can be accessed with keycloak.token and the refresh token can be accessed with keycloak.refreshToken

More reference docs here: Securing Applications and Services Guide

Hi there, many thanks for the reply.
So if stored in memory, if I open another tab in the browser, I’ll be obliged to login again…unless I specifically code for this possibility?

Many thanks in advance!

1 Like

@agcopley it won’t force you to log in again, but it will do the redirect to Keycloak, which will see that you have a live session because of the cookie value, and send you back to your application for a code-to-token flow, which will populate those values.

1 Like