[keycloak-user] How to increase session/token timeout for reset action emails?
Samuel Otter
samuel.otter at gmail.com
Fri Mar 4 09:18:55 EST 2016
I reported this as a bug a while back:
https://issues.jboss.org/browse/KEYCLOAK-2125
I also agree that persisting these tokens would be nice.
/Samuel Otter
Den fre 4 mars 2016 13:17LIEVRE Olivier <olivier.lievre at altran.com> skrev:
> Hello,
>
> We need exactly the same, so if there a solution it will also help, a
> workaround could be to increase SSO Session Idle.
>
> @+
> oli
>
> -----Message d'origine-----
> De : keycloak-user-bounces at lists.jboss.org [mailto:
> keycloak-user-bounces at lists.jboss.org] De la part de Edgar Vonk - Info.nl
> Envoyé : vendredi 4 mars 2016 12:06
> À : keycloak-user
> Objet : Re: [keycloak-user] How to increase session/token timeout for
> reset action emails?
>
> Some more info: currently we have the ‘Login action timeout’ set to 2 days
> (48 hours). In the ‘reset action’ emails that are sent to our user we see:
>
> "Your adminstrator has just requested that you update your Our Realm
> account. Click on the link below to start this process.
>
>
> https://gry-test.info.nl/auth/realms/our-realm/login-actions/execute-actions?key=zHyraAkcSzGO6HXXF9uVTrVx4r_b3a8Qk9JqWwF47gI.cf034bbd-2779-4aab-a444-0b86ffc9f948
>
> This link will expire within 2880 minutes.”
>
> So we assumed that these ‘Account Session’ tokens would remain active for
> 2 days (=2880 minutes). However this does not seem to be the case.. If I am
> not mistaken these sessions only live 30 minutes, the same as normal user
> sessions.
>
> Are we doing something wrong or is this is an issue in Keycloak?
>
> PS: instead of 'normal' sessions we would really want to use offline
> tokens for the reset action emails so that the reset action tokens are
> persisted in the database and can survive a server restart.
>
> cheers
>
> Edgar
>
>
> > On 04 Mar 2016, at 10:20, Edgar Vonk - Info.nl <Edgar at info.nl> wrote:
> >
> > Hi all,
> >
> > We use the ‘Users > Credentials > Reset Actions (Update Password) >
> Reset Actions Email’ functionality to send out emails to our users so that
> they can set their password and log in to our application. This seems to
> result in an ‘Account Session’ for each user. We notice that the timeout
> for these sessions is too low for our purposes.
> >
> > How can we increase it? Is this the ‘SSO Session Max’ setting (default:
> 10 hours) or something else? We first thought it was the ‘Login action
> timeout’ but apparently not. We want it to be in the order of several days.
> >
> > cheers
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160304/b51f9c92/attachment.html
More information about the keycloak-user
mailing list