SAML/token Concurrent XHR Requests #26744
Labels
bug
Fixes for quality problems that affect the customer experience
Feature:Security/Authentication
Platform Security - Authentication
Team:Security
Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Comments
kobelb
added
bug
|
Pinging @elastic/kibana-security |
|
/cc @epixa is the work that you're performing for the new token provider addressing this limitation, or will we be addressing this separately? |
|
The token provider will have the same limitation. |
epixa
changed the title
|
I've proposed a solution to this problem in elastic/elasticsearch#36872 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SAML will attempt to use the refresh token to get a new access token when it receives an error denoting that the access token has expired. This workflow works well until there are two concurrent XHR requests occurring at the same time, and only one of these is able to actually use the refresh token while the other request will see an expired access and refresh token.
The text was updated successfully, but these errors were encountered: