<div dir="ltr">How are you creating the user action emails? Is it through the admin console?</div><div class="gmail_extra"><br><div class="gmail_quote">On 19 November 2015 at 11:38, Samuel Otter <span dir="ltr"><<a href="mailto:samuel.otter@gmail.com" target="_blank">samuel.otter@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<br><br>We have discovered a somewhat strange behavior with the User Action timeouts. We need to have a fairly long User Action timeout but the links provided in the emails to the users expire well before that time. After some digging around in the source code I think this is because both a user and a client session is created for the user action, but when the user session expires and is removed the client session is also removed with it. If we set the User Session SSO timeout to the same value it does indeed seem to work as expected.<br><br>This seems unintentional and I can't really see why the user session is created at all in this case as it is not really used as far as I can tell (the client session id is used in the email link)? OTOH I am not sure why the client session is removed when the user session expires? Or have we completely misunderstood how this is supposed to work?<br><br>Anyway, as it is you can't really have a User Action timeout that is longer than the SSO Session timeout.<br><br>Thanks,<br>Samuel Otter<br><br></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>