I’m using Keycloak and spring boot. the problem is when I log out session in Keycloak panel or with rest call in spring project, although the session will be removed from Keycloak, the user can still use that token to authenticate requests. as I found, it seems that the Keycloak adapter doesn’t check each token with the Keycloak server pwe request, is it true? how can I solve this?
as some topic answers said, I tried Backchannel Logout URL, but no success was achieved.
this is error:o.k.a.s.a.KeycloakLogoutHandler.logout:62 - Cannot log out without authentication