+1 (855) 920-2583
Login

How to update a brand session and token timeouts from IDP Keycloak admin control panel

Modified on: Sun, 17 Dec 2023 3:28 AM

Question

How to update a brand session and token timeouts from Keycloak?


Answer

In IDP, Keycloak admin control panel provides granular control over a certain brand *session and token timeouts settings.

In Keycloak, the brand aformentioned settings arelocated under a corresponding realm settings which bear the same id as the brand.


1.0 Ascertaining the realm that requires update:

    1.1 Go to PCP > System > Settings > Brands < using the search filter search for the brand in concern.

    1.2 Notice the id of the brand as this is the id of the corresponding realm in Keycloak.


2.0 Accessing Keycloak admin control panel:

    2.1 URL of a Keycloak control panel: https://<provider_brand>/auth/admin .

    2.2 Default username is admin (case sensitive).

    2.3 Password can be obtained from idp-backend secret from the K8S resource secret.

        #> kubectl -n <namespace> get secret idp-backend -o jsonpath="{.data.keycloakadminpassword}"| base64 -d


3.0 Navigating to a realm Tokens tab

    3.1 On the Keycloak admin control panel, click on Select realm.

    3.2 In the dropdown menu click on the realm that requires update. The realm name starts with 'sr' and followed by brand id. The brand id is the brand id observed from step 1.2 above.

    3.3 Click tab Tokens. This is the location of session and token settings.

    3.4 **Updates the settings according to requirements.


Note: *Explanation of what each filed means can be obtained from Keycloak official documentation here. It is maintained by Keycloak hence kindly report directly to Keycloak for any discrepancies found.


**Warning: Updating Keycloak settings requires caution!

Before proceeding, please ensure you:


- Understand how Keycloak works and the meaning of each setting. Modifying settings without proper knowledge can significantly impact CloudBlue Commerce platform uptime and access management. THERE IS NO BACKUP TO THE SETTINGS. Hence, there is no rollback. 

- Have thoroughly tested any changes in a non-production environment. This helps to identify and mitigate potential issues before they affect live users.

- Possess the necessary expertise in Keycloak administration. If unsure, consult with an experienced administrator to ensure safe and effective updates.


**Failing to adhere to these precautions can lead to:


- Reduced platform uptime: Critical services may become unavailable, disrupting user workflows.

- Compromised access management: Unauthorized access to sensitive data may occur.

- Data loss or corruption: Improper configuration can result in irreversible data loss.


Proceed with utmost caution and only if you are confident in your ability to perform the updates safely and effectively.