I also agree that persisting these tokens would be nice.
/Samuel Otter
Den fre 4 mars 2016 13:17LIEVRE Olivier <olivier.lievre(a)altran.com> skrev:
Hello,
We need exactly the same, so if there a solution it will also help, a
workaround could be to increase SSO Session Idle.
@+
oli
-----Message d'origine-----
De : keycloak-user-bounces(a)lists.jboss.org [mailto:
keycloak-user-bounces(a)lists.jboss.org] De la part de Edgar Vonk - Info.nl
Envoyé : vendredi 4 mars 2016 12:06
À : keycloak-user
Objet : Re: [keycloak-user] How to increase session/token timeout for
reset action emails?
Some more info: currently we have the ‘Login action timeout’ set to 2 days
(48 hours). In the ‘reset action’ emails that are sent to our user we see:
"Your adminstrator has just requested that you update your Our Realm
account. Click on the link below to start this process.
https://gry-test.info.nl/auth/realms/our-realm/login-actions/execute-acti...
This link will expire within 2880 minutes.”
So we assumed that these ‘Account Session’ tokens would remain active for
2 days (=2880 minutes). However this does not seem to be the case.. If I am
not mistaken these sessions only live 30 minutes, the same as normal user
sessions.
Are we doing something wrong or is this is an issue in Keycloak?
PS: instead of 'normal' sessions we would really want to use offline
tokens for the reset action emails so that the reset action tokens are
persisted in the database and can survive a server restart.
cheers
Edgar
> On 04 Mar 2016, at 10:20, Edgar Vonk - Info.nl <Edgar(a)info.nl> wrote:
>
> Hi all,
>
> We use the ‘Users > Credentials > Reset Actions (Update Password) >
Reset Actions Email’ functionality to send out emails to our users so that
they can set their password and log in to our application. This seems to
result in an ‘Account Session’ for each user. We notice that the timeout
for these sessions is too low for our purposes.
>
> How can we increase it? Is this the ‘SSO Session Max’ setting (default:
10 hours) or something else? We first thought it was the ‘Login action
timeout’ but apparently not. We want it to be in the order of several days.
>
> cheers
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user