Currently we set manually SSO session max for 1 hour under token section in realm settings, Even though user is actively performing operations session is getting logged out automatically when SSO max reached, is there any api to prolong user session with session id in keycloak to update session max, so that will call that api from java backend when session is about expire or is there any way with oidc implict flow/ authorization code flow from anugular side.
Currently with OIDC implict flow we are able to refresh token, when refresh token happened automatically SSO idel timeout is extending instead of sso session max, is there any setting in keycloak to extend session max when token got refreshed.
The idea of “max” is exactly what is happening. After the max timeout, the session will end, there is no way around it. What you are looking for is the “idle” time, this will be reset every time the user interacts directly or indirectly (through client using refresh token) with Keycloak.
If user in middle of something(adding data) and meantime session ended by reaching max, in that case user has to login again which interrupt his work and he might lose modified data as well right, which doesn’t fulfil real time scenario, There should be some api to extend the session max with session id, If not we can’t ask clients to re login again in real time.
No, there must not be such a feature, because this would reduce the max time to absurdity. Max is exactly what max means. Otherwise, no max option would make sense.