diff --git a/src/Controller/EtlController.php b/src/Controller/EtlController.php
index ba5290f..17d1e22 100644
--- a/src/Controller/EtlController.php
+++ b/src/Controller/EtlController.php
@@ -1079,14 +1079,14 @@ class EtlController extends AbstractController
     #[Route('/etl/connect/keycloak', name: 'connect_keycloak_etl_start')]
     public function connectKeycloakEtlStart(ClientRegistry $clientRegistry, Request $request): Response
     {
+        $request->getSession()->start();
+
         $response = $clientRegistry
             ->getClient('keycloak_etl')
             ->redirect(['openid', 'profile', 'email']);
         $response->headers->set('Cache-Control', 'no-store, no-cache, must-revalidate');
         $response->headers->set('Pragma', 'no-cache');
 
-        $request->getSession()->save();
-
         return $response;
     }
 
diff --git a/src/Controller/HomeController.php b/src/Controller/HomeController.php
index 805014f..b4a026d 100644
--- a/src/Controller/HomeController.php
+++ b/src/Controller/HomeController.php
@@ -28,14 +28,14 @@ class HomeController extends AbstractController
     #[Route('/intranet/connect/keycloak', name: 'connect_keycloak_start')]
     public function connect(ClientRegistry $clientRegistry, Request $request): Response
     {
+        $request->getSession()->start();
+
         $response = $clientRegistry
             ->getClient('keycloak')
             ->redirect(['email', 'profile', 'openid'], []);
         $response->headers->set('Cache-Control', 'no-store, no-cache, must-revalidate');
         $response->headers->set('Pragma', 'no-cache');
 
-        $request->getSession()->save();
-
         return $response;
     }