I have used Okta.ASPNet sdk in MVC ASP.Net web application. It has cookie based authentication
The problem is session is expired in 15 minutes and redirect to authorize url.
Can we increase the timeout to 2 hrs?
Hello Rahul,
Is the issue one of,
- The user access token minted from Okta only has a 15 minute lifetime
- The MVC application session is only 15 minutes
- From the time the user does an /authorize call into their Okta domain, they only have 15 minutes to complete the login
If 1 this value can be configured via access policy/rules for the authorization server being used.
If 2 this will be setup via the .NET framework
If 3 this is not configurable. When an /authorize call is done into your Okta Org which brings up the login screen, Okta stores context information associated with this request. The length of time Okta stores this information is around 15-20 minutes. After that if a user enters their credentials it will result in an error.
If none of the above 3 address the issue can you supply more details of the issue.
This is regarding the cookie based authentication expiration timeout. After user authorization, Okta MVC middleware create a cookie, which got expired after 15-20 minuntes and redirect to authorize url.
I need to increase this cookie timeout. I have tried to set the ExpireTimeSpan as 2 hrs but still is expiring in 15-20 min only.
Please refer below posts to find the code I have used.