Configurable session limits
Description
- Kill existing sessions is the most common request
- Specify the maximum number of allowable concurrent user sessions. Replace an existing session with a new one when the user logs in and the maximum count of sessions per user is already reached. The killed session is the one which was used last (has the oldest lastAccessTime of all user sessions)
- Implementation will use the authenticator user-session-limits, which can be added to authentication flows. Session limit is the configurable option of the authenticator
- Alternatively, login sends a “maximum sessions” error if the maximum concurrent sessions value exceeds this number. This is an option of the authenticator as well (False by default)
- Last configurable option is “limit of sessions per user and client”. If used, the user can have a maximum amount of sessions per client.
Discussion
No response
Motivation
No response
Details
See KEYCLOAK-18386
Issue Analytics
- State:
- Created 2 years ago
- Reactions: 5
- Comments: 33 (17 by maintainers)
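The limit policy described in the issue above, modelled as an added example; it is not code from the issue or from Keycloak, and every class, field and method name in it is hypothetical. It assumes Java 16 or later, treats a limit of 0 as "no limit", and assumes the per-client limit evicts only among that client's sessions, which the issue text does not specify.

```java
import java.util.*;
import java.util.function.Predicate;
// Added model of the policy in the issue text; not Keycloak code. All names are hypothetical.
public class SessionLimitModel {
    record Session(String id, String user, String client, long lastAccessTime) {}
    final List<Session> sessions = new ArrayList<>();
    final int userLimit;        // max sessions per user, 0 = unlimited
    final int userClientLimit;  // max sessions per user and client, 0 = unlimited
    final boolean denyNew;      // the "maximum sessions" error option; false by default

    SessionLimitModel(int userLimit, int userClientLimit, boolean denyNew) {
        this.userLimit = userLimit;
        this.userClientLimit = userClientLimit;
        this.denyNew = denyNew;
    }

    // Admits a login; returns ids of sessions killed to make room, throws if denied.
    List<String> login(String id, String user, String client, long now) {
        List<String> killed = new ArrayList<>();
        Predicate<Session> sameUser = s -> s.user().equals(user);
        // Assumption: the per-client limit evicts only within that client's sessions.
        enforce(userClientLimit, sameUser.and(s -> s.client().equals(client)), killed);
        enforce(userLimit, sameUser, killed);
        sessions.add(new Session(id, user, client, now));
        return killed;
    }

    private void enforce(int limit, Predicate<Session> scope, List<String> killed) {
        while (limit > 0 && sessions.stream().filter(scope).count() >= limit) {
            if (denyNew) throw new IllegalStateException("maximum sessions");
            Session oldest = sessions.stream().filter(scope)
                    .min(Comparator.comparingLong(Session::lastAccessTime)).orElseThrow();
            sessions.remove(oldest);
            killed.add(oldest.id());
        }
    }

    public static void main(String[] args) {  // constructed sample logins
        SessionLimitModel m = new SessionLimitModel(2, 1, false);
        System.out.println(m.login("s1", "alice", "web", 100));
        System.out.println(m.login("s2", "alice", "cli", 200));
        System.out.println(m.login("s3", "alice", "web", 300)); // per-client limit reached
        System.out.println(m.login("s4", "alice", "app", 400)); // per-user limit reached
        SessionLimitModel strict = new SessionLimitModel(1, 0, true);
        strict.login("t1", "bob", "web", 100);
        try { strict.login("t2", "bob", "web", 200); }
        catch (IllegalStateException e) { System.out.println("denied: " + e.getMessage()); }
    }
}
```

With the default (terminate) behaviour a login always succeeds and some earlier session is invalidated, so the choice between the two modes decides whether a second login can evict the first one or is itself refused.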
Top GitHub Comments
@kunalgithub: I found that it’s documented in the Server Admin Guide, in the step-up-flow section (https://www.keycloak.org/docs/latest/server_admin/index.html#_step-up-flow, see sub-section “User session limits”).
@mposolda Because the session limits are not limited to the step-up-flow, it would probably make sense to move this sub-section one level up. WDYT?
@danielFesenmeyer Not yet. It is going to be added soon 😃