One keycloak App in an IFrame of another Keycloak App. Logs in but can't find token

We have a platform with a central UI for the user. We have apps on our platform. These apps are displayed in iframes in the Central UI. My current setting(perhaps wrong) is that the central UI app has a different client in keycloak. Another app, say AppA, has another client in keycloak.
When I open AppA in a separate browser tab, it correctly redirects to the keycloak login page.
But when I open AppA in the Central UI app, it gets to the home page of AppA without redirecting to the keycloak login. Looking at the keycloak Admin UI, I notice that there is a single session with both Central UI app and AppA listed in that session.

However, in AppA, I need the token, to get userinfo. But when I use flask-oidc, and I ask for the access_token or refresh_token, I don’t get anything, just null values. I’m not sure if this is a flask-oidc problem,if so, please let me know.

So, my questions are:

  • how does AppA get logged in directly in the first place.
  • How can I get the token and get the user info that I want. I may be missing keycloak concepts.


Hi Rajiv,
can you please share piece of code of your App A and Central UI. Are these two Apps in the same realm? If yes, probably the same session is trying to prevent the user from logging in again, something on the lines on SSO I believe.
I think the above answers your first question.

Hi @Anubhav

Thanks for your reply. Unfortunately, I’ve moved on to other projects and no longer have access to the project.

1 Like