0

I have setup Single-Sign on (SSO) using keycloak IDP (Google and Microsoft)

Currently, I can able to choose Identity Provider(Google/Microsoft) and gets the user authenticated.

But I need to use a different account for authentication now(assume there is a user already logged in to a Google account)

Scenario: User1 logged in using keycloak IDP(google) and signed out from keycloak, now User2 wants to login using keycloak IDP but when he clicks in Google SSO button it automatically logged in as User1(User2 is not able to login using google when there is User1 already logged in google)

Excepted Solution: When User2 clicks on Google SSO button it should typically ask User1 or Use different account option so that User2 also gets authenticated.

venkat.s
  • 120
  • 1
  • 6
  • what you want is signout keycloak cause google account to signout, the oauth2/oidc account state is dispatch/maintain from identity provider(such as google/Microsoft), so as a attach client, keycloak its have no any mechanism to achieve your goal – smileis2333 Jun 06 '23 at 08:08
  • You can try this topic, I think it can help https://stackoverflow.com/questions/4202161/google-account-logout-and-redirect – DangTri Jun 07 '23 at 03:55
  • Thanks for your comments, I don't think we can logout an actual Google/Microsoft account because that's not how SSO works – venkat.s Jun 07 '23 at 05:05

0 Answers0