Configure Fluent OMS session timeout for SSO users without external IDPs
Author:
Fluent Commerce
Changed on:
1 Jan 2024
Key Points
- Session timeout for Fluent OMS can be configured for SSO users without external IDPs via Ping Identity.
- In order to configure the timeout, you would need to configure Access token time to live and the authentication policy on Ping Identity.
Prerequisites
Steps
Overview
This guide shows Implementers how to configure Fluent OMS session timeout (automatic user log-out) for SSO users without external IDPs using Ping Identity configuration.
Instruction
Step 1. Configure the Access token time to live:
1.1. Navigate to the Connections menu → Resources sub-menu.
1.2. Edit the username Resource.
1.3. Set the token expiry time value (in seconds) in the Access token time to live field.
Click the Save button.
Step 2. Configure the Authentication Policy:
2.1. Navigate to the Experiences menu → Authentication sub-menu.
2.2. Edit your Authentication Policy.
2.3.1. Uncheck the Last sign-on older than…
Click the Save button.
2.3.2. Alternatively, set a new log-in time for the Last sign-on older than…
Click the Save button.
Session timeout configuration example
configure timeout
The following use case explains how the session timeout controls influence automatic user log-out.
Sample configuration
Control | Value |
Access token time to live | 300 seconds (5 minutes) |
Last sign-on older than… | 7 minutes |
- An SSO user log-in into the Fluent OMS.
- The user’s access token is updated by Ping Identity within 5 minutes from the log-in moment → no automatic log-out (as the session timeout has not been reached).
- Ping Identity notifies fluent OMS that the session timeout has been reached in 7 minutes from the log-in moment → no automatic log-out (as the user’s access token is still valid).
- The user log-out from Fluent OMS automatically 10 minutes from the log-in moment (with the token update attempt when the session timeout has been reached).
