Configure Session Time Out and Remember Me¶
This guide walks you through the steps on how to configure session time out and the duration for which a user session will be remembered by the MWARE IAM.
Update timeout values per tenant¶
To configure the Session Timeout and Remember Me period tenant-wise, follow the steps below:
-
On the MWARE IAM management console (
https://<IS_HOST>:<PORT>/carbon), go to Main > Identity Providers > Resident. -
Enter the following details under Resident Realm Configuration section.
Field name Description Home Realm Identifier This is the domain name of the identity provider. Idle Session Time Out This is the duration in minutes for which a single sign-on (SSO) session can be idle for. Remember Me period This is the duration in weeks for which MWARE IAM should remember an SSO session given that you have selected the Remember Me option in the MWARE IAM login screen. -
Click Update to save the configurations.
The above configuration is effective only for the respective tenant. If it is required to apply the changes for all tenants configure timeout values globally.
Configure timeout values globally¶
To configure session timeouts globally add the following section to the deployment.toml file.
[session.timeout]
idle_session_timeout= "15m"
remember_me_session_timeout= "14d"| Parameter | Definition |
|---|---|
idle_session_timeout |
Defines the session time-out period |
remember_me_session_timeout |
Defines the period for which the MWARE IAM will remember the user's SSO session. |
Advanced settings¶
With every login, the value of remember_me_session_timeout is rest to the configured value, for each user.
For example, if you set remember_me_session_timeout as 14d and log in to the management console every day, theremember_me_session_timeout keeps resetting to 14d.
To disable resetting of the expiry time with each authentication request, add the following configuration to the deployment.toml file.
[session.timeout]
extend_remember_me_session_timeout_on_auth=falseRelated topics