Skip to main content

Hi Experts, 

 

Once of our customer is asking where we can set the timeout for mWO authentication? 

 

Business Impact: Can we define the MWO session timeout.? Customer get the popup in MWO app 'Credential expired' after specific time and being asked to reauthenticate. They need know is the time user configurable?

 

If the timeout is not configurable the customer would like to know what is the default timeout set to.

 

Any input regarding this really appreciate. 

 

Best Regads,

Sanjana 

Hi

I am not an expert in this area, but we will need more information about what Cloud or IFS version the customer is using. If they use SSO or DB Authentication. 

This is not set in the MWO client as such, but is rather a set up on the method you use for authentication. So please prove the other informationa and I am sure some of our expert an answer it. 

Regards

Johan

 


Hi

In addition to what Johan said, IFS cloud use IFS Identity and Access Manager (IFS IAM) to handle user authentication. It’s common for mobile and web and any client accessing IFS cloud. Also by default session expiry time is not configurable and I think default is 30 min. 

Best to answer by A&A experts => Ping @Subhashini Sooriarachchi


Hi, 

Yes. Currently it’s not possible to configure the timeouts for IFS Cloud. It is set in Keycloak. 

We are trying to make it configurable from solution manager for 23R2 .  

/Subhashini 


 

Hi, 

Yes. Currently it’s not possible to configure the timeouts for IFS Cloud. It is set in Keycloak. 

We are trying to make it configurable from solution manager for 23R2 .  

/Subhashini 

Hi Subashini,

Is there any possible workaround   until a solution?

Is it possible to change the value set in Keycloak?

 

 

Thanks & Best Regards,

Janith

 

 


HI, 

It is possible to set the timeout from keycloak. But it will not persist. With the next delivery it will reset to default. 

/Subhashini 


HI, 

It is possible to set the timeout from keycloak. But it will not persist. With the next delivery it will reset to default. 

/Subhashini 

Hi Subhashini,
Could you please share some steps alter the keycloak timeout ?
Hope it be used as a post delivery workaround until 23R2 release. 

Best Regards,

Binu


Hi @subslk ,

is it from keycloak>clients>IFS_aurena>Advanced Settings?

 


Best Regards,
HashanD


Hi,    

 

NO! don’t do it for Aurena.  It should be only for what ever the IAM client used by MWO or for whole realm. We have never tested this for separate IAM Clients. 

From authentication side, we can only say, theoretically, it is possible to increase the timeout. But this needs to be validated from the relevant client side that they support it. 

Further there are dependencies between all these timeouts. you have to be very careful on those as well. 

 

@kathlk @JOOLSE I think you should test this and confirm from MWO side. 

 

If the customer decided to increase the timeouts for whole application we can help. 

 

/Subhashini 

 

 

 

 


Hi @subslk ,

Thank you for the update.

 


Hi @subslk

Can you please explain how to increase the IFS Timeout ?

We were told initially that IFS Timeout had no impact, and that the problem was due to Keycloack setting that IFS would take in consideration in 23R2.  

But we can try your solution.

 

Regards,


I’m afraid, this is a risky change to do. So please wait till 23R2. 

/Subhashini 


Hi, 

Yes. Currently it’s not possible to configure the timeouts for IFS Cloud. It is set in Keycloak. 

We are trying to make it configurable from solution manager for 23R2 .  

/Subhashini 

I’m afraid, due to technical limitations we will not be able to deliver the possibility to change the session timeouts in 23R2.  From the investigation we did, changing the values for the timeouts from keycloak admin console will make the environment unstable. So please don’t change the default values set by IFS. 

Current default values for session timeouts- 

Session Idle timeout - 2 hours 

Max session timeout - 10 hours. 

 

When will this be released again? - Still we are discussing when to release this fix. 

/Subhashini 


@subslk 

Hi Subhashini,

 

What’s the latest on this?  Can we expect a solution in a 23R2 service update?


Hi,

I’m afraid, this is an huge implementation, so definitely this will not go for a Service Update. 

This will be planned for a future Release soon. ( most probably for 24R2) 

 

/Subhashini 


@subslk 

Thanks, Subhashini.  Is there a workaround in the meantime?


@subslk Hi Subhashini! Is there any update on this? Either a workaround or perhaps an upcoming solution?


Hi.

This is planned for 24R2. 

 

/Subhashini


Hi @subslk 

 

Could you please confirm if this is for 24R2 GA or EA?

Additionally, could you let us know if there is an existing Jira ID for this issue?

 

/Janith


Hi @subslk 

is this still planned for 24R2 and still no other work around for this until the update is released?

Thanks 
Liam


Yes. This will deliver in 24R2. 

Thanks,

Subhashini 


Hi 

What are the idle timeout value for the Scan IT app in cloud and can it be changed?

Thanks 

Manjari


The Scan IT app use the same as the Web cloud. The Mobile apps doesn’t have any own other time out session values.


Hi @JOOLSE ,

so it is not possible to increase login timeout for Scan it cloud?

Thanks for response.

Romana


Reply