"Remember me" functionality


#1

I’ve managed to setup Octa authentication with Spring Boot and login widget. It works. What doesn’t work is “Remember me” field on the login page. All it does, it remembers to check the box. The session time remains the same. After less than an hour of inactivity I am required to login again. How do I make it remember me? I expect not to be required to provide password for days.


#2

What type of login are you performing, a standard OAuth redirect?
“Remember me” should only remember the identity of the person, not the authenticated state. The length of your Okta sessions is controlled via your Okta Admin Console.

Does that help?


#3

I think it’s the standard OAuth one.

So Remember me is just for remembering user’s login and prefilling the form?

I can’t seem to find session length setting. I would expect it to be in Application settings, in General Settings tab I can’t find anything about it. Could you direct me to the right place?

Thank you for your help.


#4

So, you can’t find it as well?


#5

As an admin you can find it using the classic UI
Security->Authentication->Sign-On->Add Rule
Scroll down and it is named “session lifetime”.
The default is 2 hours


Keep in mind that it is a good idea to get your users to login as often as they can as it can bring a security concern (so if they leave their device unlocked, someone can’t access the application easily)


#6

Thank you for helping me finding the setting. By the way - having two UI seems very confusing. But I guess one day okta will migrate to single one.


#7

I’m glad that helped you, enjoy your day!