Hi

I am not an expert in this area, but we will need more information about what Cloud or IFS version the customer is using. If they use SSO or DB Authentication. 

This is not set in the MWO client as such, but is rather a set up on the method you use for authentication. So please prove the other informationa and I am sure some of our expert an answer it. 

Regards

Johan

Hi

In addition to what Johan said, IFS cloud use IFS Identity and Access Manager (IFS IAM) to handle user authentication. It’s common for mobile and web and any client accessing IFS cloud. Also by default session expiry time is not configurable and I think default is 30 min. 

Best to answer by A&A experts => Ping @Subhashini Sooriarachchi

Hi, 

Yes. Currently it’s not possible to configure the timeouts for IFS Cloud. It is set in Keycloak. 

We are trying to make it configurable from solution manager for 23R2 .  

/Subhashini 

Hi Subashini,

Is there any possible workaround   until a solution?

Is it possible to change the value set in Keycloak?

Thanks & Best Regards,

Janith

HI, 

It is possible to set the timeout from keycloak. But it will not persist. With the next delivery it will reset to default. 

/Subhashini 

Hi Subhashini,
Could you please share some steps alter the keycloak timeout ?
Hope it be used as a post delivery workaround until 23R2 release. 

Best Regards,

Binu

Hi @subslk ,

is it from keycloak>clients>IFS_aurena>Advanced Settings?

 

Best Regards,
HashanD

Hi,    

NO! don’t do it for Aurena.  It should be only for what ever the IAM client used by MWO or for whole realm. We have never tested this for separate IAM Clients. 

From authentication side, we can only say, theoretically, it is possible to increase the timeout. But this needs to be validated from the relevant client side that they support it. 

Further there are dependencies between all these timeouts. you have to be very careful on those as well. 

@kathlk @JOOLSE I think you should test this and confirm from MWO side. 

If the customer decided to increase the timeouts for whole application we can help. 

/Subhashini 

Hi @subslk ,

Thank you for the update.

 

Hi @subslk, 

Can you please explain how to increase the IFS Timeout ?

We were told initially that IFS Timeout had no impact, and that the problem was due to Keycloack setting that IFS would take in consideration in 23R2.  

But we can try your solution.

Regards,

I’m afraid, this is a risky change to do. So please wait till 23R2. 

/Subhashini 

I’m afraid, due to technical limitations we will not be able to deliver the possibility to change the session timeouts in 23R2.  From the investigation we did, changing the values for the timeouts from keycloak admin console will make the environment unstable. So please don’t change the default values set by IFS. 

Current default values for session timeouts- 

Session Idle timeout - 2 hours 

Max session timeout - 10 hours. 

When will this be released again? - Still we are discussing when to release this fix. 

/Subhashini 

@subslk 

Hi Subhashini,

What’s the latest on this?  Can we expect a solution in a 23R2 service update?

Hi,

I’m afraid, this is an huge implementation, so definitely this will not go for a Service Update. 

This will be planned for a future Release soon. ( most probably for 24R2) 

/Subhashini 

@subslk 

Thanks, Subhashini.  Is there a workaround in the meantime?

@subslk Hi Subhashini! Is there any update on this? Either a workaround or perhaps an upcoming solution?

Hi.

This is planned for 24R2. 

/Subhashini

Hi @subslk 

Could you please confirm if this is for 24R2 GA or EA?

Additionally, could you let us know if there is an existing Jira ID for this issue?

/Janith

Hi @subslk 

is this still planned for 24R2 and still no other work around for this until the update is released?

Thanks 
Liam

Yes. This will deliver in 24R2. 

Thanks,

Subhashini 

Hi 

What are the idle timeout value for the Scan IT app in cloud and can it be changed?

Thanks 

Manjari

The Scan IT app use the same as the Web cloud. The Mobile apps doesn’t have any own other time out session values.

Hi @JOOLSE ,

so it is not possible to increase login timeout for Scan it cloud?

Thanks for response.

Romana