How to set your session length with mod_auth_openidc

There are two things to set:

# (Optional)
# Interval in seconds after which the session will be invalidated when no interaction has occurred.
# When not defined, the default is 300 seconds.
OIDCSessionInactivityTimeout 3600

And then you can also set:

# (Optional)
# Maximum duration of the application session
# When not defined the default is 8 hours (3600 * 8 seconds).
# When set to 0, the session duration will be set equal to the expiry time of the ID token.
# NB: this can be overridden on a per-OP basis in the .conf file using the key: session_max_duration
OIDCSessionMaxDuration 24000

No comments:

Post a Comment