Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

getting #error=login_required when trying to use onLoad: 'check-sso' #581

Open
Faedryth opened this issue Sep 23, 2024 · 0 comments
Open

getting #error=login_required when trying to use onLoad: 'check-sso' #581

Faedryth opened this issue Sep 23, 2024 · 0 comments

Comments

@Faedryth
Copy link

Faedryth commented Sep 23, 2024
edited
Loading

Bug Report or Feature Request (mark with an x)

- [X] bug report -> please search for issues before submitting
- [ ] feature request

Versions.

angular 16.2.0
keycloak-angular: 14.2.0
keycloak-js: 25.0.0

Repro steps.

I have an application that has been working well with onLoad: 'login-required' for some time, using Microsoft as IDP.
Now I'm trying to use SSO to avoid the redirection to Microsoft and reloading the SPA everytime I start the app, but I'm always getting an #error=login_required error.

This is how I intitialize keycloak: I'm trying the SSO method, then I force to login() if the user is not logged in after the SSO check:

        keycloak
            .init({
                config: {
                    url: environment.keycloak.url,
                    realm: environment.keycloak.realm,
                    clientId: environment.keycloak.clientIdIntra
                },
                loadUserProfileAtStartUp: true,
                initOptions: {
                    onLoad: 'check-sso',
                    silentCheckSsoRedirectUri: window.location.origin + '/assets/silent-check-sso.html'
                }
            })
            .then(() => {
                return keycloak.isLoggedIn();
            })
            .then((isLoggedIn) => {
                if (!isLoggedIn) keycloak.login({ redirectUri: window.location.href });

And I created the silent-check-sso.html page under my asset folder as indicated in your setup guide.

But I'm always redirected to the login page, meaning the SSO never catches the previous session. And if I look in the network tab, I can see this "/auth" call: https://MyKeycloakServer/realms/MyRealm/protocol/openid-connect/auth?client_id=MyClientId...

Which always has this in its response's headers, note the "#error=login_required" part:
http://localhost:4200/intra/assets/silent-check-sso.html#error=login_required&state=XXXX&iss=MyRealm

Desired functionality.

I'd like the silent SSO check to retrieve the previous session if it's still active
Am I doing something wrong?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Faedryth