Hi there,
Can anyone tell me where the javascript adapter stores the access_token and refresh_token on authentication with authorization flow (standard)? We are trying to evaluate the adapters suitability for our project.
Many thanks in advance
token
The base64 encoded token that can be sent in the Authorization header in requests to services.
tokenParsed
The parsed token as a JavaScript object.
idToken
The base64 encoded ID token.
idTokenParsed
The parsed id token as a JavaScript object.
refreshToken
The base64 encoded refresh token that can be used to retrieve a new token.
refreshTokenParsed
The parsed refresh token as a JavaScript object.
So, once you initialize the Keycloak object and the user has logged in, the access token can be accessed with keycloak.token and the refresh token can be accessed with keycloak.refreshToken
More reference docs here: Securing Applications and Services Guide
Hi there, many thanks for the reply.
So if stored in memory, if I open another tab in the browser, I’ll be obliged to login again…unless I specifically code for this possibility?
Many thanks in advance!
@agcopley it won’t force you to log in again, but it will do the redirect to Keycloak, which will see that you have a live session because of the cookie value, and send you back to your application for a code-to-token flow, which will populate those values.