I used the following ldap-data-mapper to get Roles from a database after the user logs in - https://github.com/ArnaultMICHEL/keycloak-ldap-extdb-role-mapper.
If I add a new role to the user in the external DB, log out the user using /protocol/openid-connect/logout, and then log in again using /protocol/openid-connect/token, the new role does not get picked up. I have to navigate to the user and click on “Log out all Sessions”; only then does the new role get into the access token.
Is there an API for “Log out all Sessions”, and is there a hidden session that only gets cleared using this function?
Keycloak v. 11.0.3