Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set quarkus.oidc.authentication.session-age-extension to a larger value by default and clarify its purpose #41130

Open
sberyozkin opened this issue Jun 11, 2024 · 1 comment · May be fixed by #41745
Open

Set quarkus.oidc.authentication.session-age-extension to a larger value by default and clarify its purpose #41130

sberyozkin opened this issue Jun 11, 2024 · 1 comment · May be fixed by #41745
Labels
area/oidc kind/enhancement New feature or request

Comments

@sberyozkin
Copy link
Member

Description

The role of quarkus.oidc.authentication.session-age-extension is not to extend the real session's age (ID token's age) but to make sure this token is available to Quarkus for a re-verification, possible auto-refresh, etc, even if the ID token expired.

Implementation ideas

Set to say 8 hours by default, and it will eliminate a lot of OIDC related session queries and concerns.
Also make it much clearer in the docs...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/oidc kind/enhancement New feature or request
1 participant
@sberyozkin