Introduction

This article describes how to configure logout timouts in the CoreOne Suite.

Tokens

It is possible to configure the lifetime of any token for any client in the Web-GUI. Navigate to following page in the CoreOne Suite: SSO → Application → CoreOne Suite → Choose any client that you want to configure (Pencil-button on the right side of the client).

For details about tokens and their lifetimes, please visit: Token

Inactivity Logout - Admin UI

If the user is inactive (no request was made) for a certain amount of time, the application will do a logout of the user. The amount of time may be configured within the installer or later in the .json file: FrotendWeb_ApplicationConfiguration.json found at C:\ProgrammData\itsense\Configuration\

The setting is named InactivityLogoutTimespanInMinutes

Please be aware to recycle all Admin IIS Pools in order for this change to take effect.

SSO Session Cookie - IdP Setting

For how long the session cookie of the IdP is kept, can be configured within Admin UI. Navigate to Single Sign-On (SSO) → Settings

These settings are of interest:

• LoginCookieExpiration in seconds
  Determines for how long a session cookie is being kept. See Setting 13 in Settings

• LoginCookieExpiration is sliding
  Is a boolean value to set wether or not the login cookie should follow a sliding period and therefore be extended with new requests. See Setting 14 in Settings

• EnableRememberMe
  Whether or not to show the Remember Me button on the authentication page. See Setting 11 in Settings

• RememberMeDuration in seconds
  The lifetime of the remember me cookie in seconds. See Setting 12 in Settings

IIS Cookie Setting

In the IIS Manager navigate to: Sites → CoreOne Authentication Service / CoreOne Web Service / CoreOne Self-Service → Session State → Cookie Settings

It is adviced to set this setting according to LoginCookieExpiration in seconds