Login-status-iframe not updated after force end session?

When querying the login-status-iframe, if a user session is forcibly ended within keycloak by clicking logout all or logout for a specific user session, the status returned by the login-status-iframe remains as “unchanged”. Is this expected, or is there something I’m misunderstanding about this should work?

It does properly change to “changed” if I visit the keycloak end session endpoint or if I set a short keycloak session expiration and allow it to expire.

I would expect that destroying a session within keycloak would also change the session_state?

Turns out this is expected behavior:


Stian Thorgersen added a comment - 3 days ago
This is expected behaviour. The session iframe relies on checking the session cookie, which is only invalidated on a local logout.

I’m also experiencing this issue.

Does this something to do with OIDC Session Management Logout being in draft in Keycloak? I can read that in Server Administration Guide

I’m using a 3rd party library but session checks always return an “session_unchanged” event.

What’s the best approach to use, in our web-apps, to detect a logout performed at Keycloak console?

Thanks, Stian