Silent SSO check on backend


I have 2 Wars deployed to Wildfly and secured by keycloak adapter.

Everthing works except one thing.

Second War is displayed within iframe in interface provided by first WAR.

Problem is that when user enters application. Adapter redirects user to login page user logs in and everything is ok. But when user opens tab with iframe where second WAR is embedded, adapter is trying to redirect user to login page but that is blocked by KC.

It only allows to open iframe content in new tab which results in successfull exchange between app and KC and no login is needed.

I thought that maybe I could ping some dummy interface of second WAR but adapter tries to redirect me to login page and it is not successful.

Any idea how this could be solved?
Maybe direct call of login uri from backend or something like that? Or some SPI.

Thanks a lot!