Hi All,
I have a couple of question regarding the backchannel logout and how is implemented.
In particular based on Draft: OpenID Connect Back-Channel Logout 1.0 - draft 06 , its stated that the BackChannelLogout is expecting a http answer from the client.
Is there in place a timeout mechanism or something like that for these responses? I was thinking for example about an enterprise environment, where there could be a lot of client applications involved. Lets say for any reason some of them are not available or very slow and unable to response back to the Backchannel Logout POST initiated by Keycloak. Could this behaviour cause fast resource consumption (i.e several http session opened and waiting for their response from client apps)? When the http session is closed on keycloak side?
Many thanks