Updated by Sagar Gurung almost 2 years ago
To integrate `Nextcloud` and `OpenProject` with an OIDC provider (`Keycloak`), the integration app must handle the `access_token` issued by `Keycloak`. With the `access_token` obtained during login with the OIDC client, we can communicate with other clients of the same realm in `Keycloak`.
Token handling in the integration application should:
* Store and obtain token information in the user session
* Keep refreshing the `access_token` during the user session unless the user is idle
* Re-authenticate the user when the `access_token` is expired or can no longer be refreshed with the refresh token.
Initially, let's have a proof of concept (POC) showing that the above is possible for token handling in the integration app. Other possible edge cases for token handling can be added afterwards.
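The three requirements above can be sketched as one decision function. This is an added example, not code from the integration app: the session is modelled as a plain dict, `refresh` is a hypothetical callable that performs the refresh-token grant against Keycloak, and `IDLE_LIMIT` and `SKEW` are assumed values.

```python
import time

IDLE_LIMIT = 15 * 60  # assumed idle threshold (s); not from the page
SKEW = 30             # assumed safety margin before access_token expiry (s)

class ReauthRequired(Exception):
    """Caller must send the user through the OIDC login again."""

def mark_activity(session, now):
    session["last_activity"] = now  # call on real user requests only

def store_tokens(session, resp, now):
    # resp: token endpoint JSON; a missing or 0 refresh_expires_in is
    # treated as already expired (conservative assumption).
    session["oidc"] = {
        "access_token": resp["access_token"],
        "access_exp": now + resp["expires_in"],
        "refresh_token": resp.get("refresh_token"),
        "refresh_exp": now + resp.get("refresh_expires_in", 0),
    }

def _drop(session, reason):
    session.pop("oidc", None)  # never keep dead tokens in the session
    raise ReauthRequired(reason)

def get_access_token(session, refresh, now=None):
    """Return a usable access_token or raise ReauthRequired."""
    now = time.time() if now is None else now
    tok = session.get("oidc")
    if tok is None:
        raise ReauthRequired("no token in session")
    if now < tok["access_exp"] - SKEW:
        return tok["access_token"]  # still valid, no refresh needed
    if now - session.get("last_activity", 0) > IDLE_LIMIT:
        _drop(session, "user idle, token not refreshed")
    if not tok["refresh_token"] or now >= tok["refresh_exp"]:
        _drop(session, "refresh token missing or expired")
    try:
        resp = refresh(tok["refresh_token"])
    except Exception as exc:  # e.g. invalid_grant from the token endpoint
        session.pop("oidc", None)
        raise ReauthRequired("refresh rejected") from exc
    store_tokens(session, resp, now)  # keeps the rotated refresh token too
    return resp["access_token"]
```

Background jobs can call `get_access_token` without calling `mark_activity`, so an idle session stops refreshing and falls back to re-authentication once the `access_token` expires.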