KeyCloak - new oidc login without logout

Hi all,
i have a problem with this scenario but i don’t know how to solve it:

  • USER_A from application starts an OIDC login procedure with username/email MAIL_A
  • no logout is called, so the session in KeyCloak and local cookies are not invalidated and are related to MAIL_A.
  • USER_A starts now a new OIDC login procedure using a different username MAIL_B
  • KeyCloak still recognise the USER_A as authenticated with account related to MAIL_A and not related to MAIL_B

How can i avoid this?
Is there a way to invalidate the KeyCloak session since it was created for the account MAIL_A and not for MAIL_B?

Thanks in advance.
Ale

Add OIDC logout as first step of login procedure = you will always force logout first. But it is not usuall approach, so may need to hack your code to implement it.