On Sat, Jul 4, 2020 at 9:26 PM Benchu Yao <[email protected]> wrote:
> If I set api-session-timeout to 0, does it mean that the token will expire > immediately when the session ends > The web application session and the token are essentially the same thing. They do not expire independently of each other. The token is how the session is identified, and the session ceases to exist once its token is invalidated. This is what happens when a user explicitly logs out of Guacamole or when Guacamole terminates their session due to inactivity. If you are referring to the remote desktop session, that is an entirely different beast and has nothing to do with Guacamole's tokens or Guacamole's sessions. If you want to configure how long a particular remote desktop server allows sessions to stay alive, you will need to configure that remote desktop server accordingly. - Mike
