i have turn on the ‘Revoke Refresh Token’ options.
recently, i meet a problem, due to network issue, that client side timeout (short-circuit, 30seconds) when requesting a new access token with refresh token [refresh_token_A](refresh token grant), but in fact, keycloak does consume the refresh token [and issue a new refresh_token_B] but the new refresh token cannot be delivered to client due to network hiccup.
the client try to implement retry mechanism (with refresh_token_A] but this won’t work as the old refresh token is already invalidated…
this force the user to re-login which is very poor in user experience…and complaints received.
anybody have a similar issue on the ‘revoke refresh token’ handling? can you share your thoughts?