...
This article describes how you can to configure logout timouts in the CoreOne Suite to manage when a User will get loged off for every client or for the whole CoreOne Suite.
| Table of Contents |
|---|
| Info |
|---|
On this page you will get more information about the liftetime of any token and about the clients: Client |
Tokens
It is possible to configure the lifetimes lifetime of any token for any client in the Web-GUI. For that, navigate Navigate to following page in the CoreOne Suite: SSO → Application → CoreOne Suite → Choose any client that you want to configure (Pencil-button on the right side of the client).
You can configure the lifetime of following 4 types of tokens:
Identity-token:
The identity token is used, that the CoreOne Suite knows that the user is authenticated. You will get this token after you started a session.
Access token:
The access token is used for getting access to the client of an specific user. You will get this token after the login to the CoreOne Suite.
Authorizationcode token:
??
Sliding refresh token:
This is used to refresh you’re identity and access token when they expire. So you can stay logged in, because you will get new tokens.
Logout while inactive
We’re able to set a specific time when the user should get logged off while he was inactive. Inactive means, that the user won’t execute any process in the CoreOne Suite in a period of time. You can set this parameter in the following For details about tokens and their lifetimes, please visit: Token
Inactivity Logout - Admin UI
If the user is inactive (no request was made) for a certain amount of time, the application will do a logout of the user. The amount of time may be configured within the installer or later in the .json file: FrotendWeb_ApplicationConfiguration.jsonThis file is in the following path: found at C:\ProgrammData\itsense\Configuration\FrotendWeb_ApplicationConfiguration.json
The setting is named InactivityLogoutTimespanInMinutes
...
...
We can set the Time-out lenght of the session cockie from the “Authentication Service“. This is configured in the IIS (Internet Information Services).
To set the time for the time-out, navigate to following page in the IIS: Sites → CoreOne Authentication Service → Session State
On the bottom of this page you will see the the configuration for the Time-out (in minutes). Here you can set the time, how long the SSO cockie should be valid.
...
Please be aware to recycle all Admin IIS Pools in order for this change to take effect.
SSO Session Cookie - IdP Setting
For how long the session cookie of the IdP is kept, can be configured within Admin UI. Navigate to Single Sign-On (SSO) → Settings
These settings are of interest:
LoginCookieExpiration in seconds
Determines for how long a session cookie is being kept. See Setting 13 in SettingsLoginCookieExpiration is sliding
Is a boolean value to set wether or not the login cookie should follow a sliding period and therefore be extended with new requests. See Setting 14 in SettingsEnableRememberMe
Whether or not to show the Remember Me button on the authentication page. See Setting 11 in SettingsRememberMeDuration in seconds
The lifetime of the remember me cookie in seconds. See Setting 12 in Settings
Please be aware to recycle all Auth IIS Pools in order for this change to take effect.