Logout all session when password change

I login to keycloak and then change my password but my access token and refresh token still worked
all sessions for that user should be logout .

I believe you would need to implement an EventListener that invalidates the sessions of the user on receipt of a password change event.

has anyone done something along those lines already.

Not exactly the same, but the same approach:

1 Like

this link does’nt work. Has anyone achieved this yet?

Did someone can answer this please ?

The flow is very simple at the end of user reset password user should be redirect to login page and need to connect not to be connected