Marcus Christie created AIRAVATA-2507:

             Summary: Increase Keycloak access token lifetime from default of 5 
                 Key: AIRAVATA-2507
             Project: Airavata
          Issue Type: Bug
          Components: PGA PHP Web Gateway
    Affects Versions: 0.18
            Reporter: Marcus Christie
            Assignee: Marcus Christie

Default Keycloak Access token lifetime is 5 minutes. This means if the user is 
idle in the PGA for 5 minutes or more then they get logged out and can't 
successful submit their work. In some cases this means the user loses work.

Here is [documentation on various timeouts in 
 I think two are relevant here:
* Access Token Lifespan - this is the main one that affects access token 
lifetime. I think we should make this 30 minutes (at least).
* SSO Session Idle - this timeout also affects access token lifetime.  It 
defaults to 30 minutes. It resets whenever there is an authentication or the 
use of a refresh token. Thus, Keycloak recommends that the Access Token 
Lifespan be less than the SSO Session Idle. I think we should make SSO Session 
Idle to 1 hour.

This message was sent by Atlassian JIRA

Reply via email to