Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 
khaler
Contributor II

Issue with X-Qlik-Session-keycloak Cookie Persistence After Logout in React Application with Keycloak OIDC

Hello everyone,

I am working on a React web application that logs into a Qlik page embedded within an iframe using Keycloak's OIDC method for authentication. However, I've encountered an issue with cookie persistence after logout. Specifically, even after logging out from the React application, the X-Qlik-Session-keycloak cookie remains stored, causing problems for subsequent users who log in. This issue persists unless the browser is completely closed and reopened.

Has anyone faced a similar problem or know of any configuration settings in Qlik that can help resolve this issue? Any guidance or suggestions would be greatly appreciated.

Thank you!

Labels (3)
2 Replies
alex_colombo
Employee

Hey @khaler , which kind if issue are you facing? When you perform a log out cookie remains in the browser session, but when you log in again, cookie should be updated with a new one. This is native behaviour and you can see when you open Qlik hub and do log out / log in.

Could you please attach screenshots from browser network tab?

khaler
Contributor II
Author

Hi @alex_colombo ,

Thank you for your response! You’re absolutely correct about the expected native behavior. However, in my setup, the X-Qlik-Session-keycloak cookie persisted even after logging out from the React web application. This caused issues for subsequent users logging in, as the old session cookie was still being used unless the browser was completely closed.

I was able to resolve this by utilizing Qlik’s QPS (Qlik Proxy Service) delete session method. This explicitly terminates the session and ensures the cookie is properly removed, resolving the issue entirely.

I appreciate your insights—it helped me better understand the behavior.