I have a question about ForgeRock OpenAM 5.5 SSO login. Currently I have installed one AM server. I want to add one more AM server so that both AM servers can manage traffic. Single sign on has following 3 steps;
- Authenticate which return ID token
- Authorise by passing ID token which returns auth code
- Get access token using auth code.
Problem:
All 3 API requests of the Single Sign On must be sent to the same AM server using sticky session as the state of the login journey across the 3 steps is maintained in AM in memory session.
Is there a way to configure ForgeRock 5.5. to make SSO steps in auth chain to be stateless or any other method that would avoid the need to have sticky session?
Your support is highly appreciated experts.
Cheers
Yes, its called exactly like this in AM Console, stateless sessions. Forgerock docs