Login Timeout by SSO with external IdP

jominga · March 20, 2020, 9:41am

Hello,

I am implementing a SSO option using SAML with an external IdP. If I inspect the browser and see the received SAML response after I click on the SSO button I can see the authentication data that I need (such as the name of the user and the email), so the communication with the IdP works just fine.

However Keycloak does not perform the login and shows me a page where it says: “We are sorry… Login timeout, Please log in again.”, and no new user is registered. The login timeout for tokens in my realm is set to 30 minutes.

Do you guys know how I can fix this issue?

albertomusetti · June 1, 2020, 9:30pm

I follow, I’m facing the same issue.
The SAML response has time in UTC format, the keycloak server is in CEST.

jominga · June 8, 2020, 7:34am

The problem was that when my computer was hibernating the internal clock of the Docker containers stopped. So the time of Keycloak and of the external IdP did not match and hence the timeout error.
Restarting the container fixed the issue.

Topic		Replies	Views
Login timeout. Please log in again Getting advice saml	0	1138	April 23, 2020
IDENTITY_PROVIDER_LOGIN_ERROR invalid_code on 2 minute IdP login	1	2370	January 9, 2023
Keycloak as ADFS SP returns Login Timeout saml	0	489	February 26, 2021
Clock Skew SAML Configuring the server saml	2	2842	October 13, 2022
ssoSessionMaxLifespan SAML and OIDC use collide Getting advice	1	649	March 5, 2020

Login Timeout by SSO with external IdP

Related Topics