IdentityServer icon indicating copy to clipboard operation
IdentityServer copied to clipboard

Published 20 hours ago verified publisher icon DuendeSoftware

Support absolute expiration of server side sessions when CoordinateLifetimeWithUserSession is enabled

Open josephdecock opened this issue 1 year ago • 0 comments

ISessionCoordinationService.ValidateSessionAsync always extends the server-side session. We call this method when validating refresh and reference tokens. The implication is that in order to use refresh (or reference tokens) with server-side sessions with an absolute expiration, the user must customize the ValidateSessionAsync method.

See also https://github.com/DuendeSoftware/Support/issues/1057

josephdecock avatar Jan 09 '24 18:01 josephdecock