Shortlived requestor session timing out before OTP expires
Hi,
We are trying to implement 2 factor authentication for password resets in Pega 7.4. There is a network delay of approx 2-3 mins before the OTP reaches the inbox. When the users are entering this OTP to reset the password an error message is displayed. We found a known issue in support article SA-48652
https://community.pega.com/support/support-articles/unauthenticated-requestor-timeout-prevents-mfa
This article explains the issue in detail and recommends increasing timeout/requestor/shortlived in prconfig.xml. The questions is can this change be done through DSS? Pega has moved away from using prconfig.xml file so why is it required here? If it is possible to create a DSS where can I get the details of the owning ruleset, purpose and value.