Learn how to prevent unexpected log off from the Constellation application when you are active.
Issue
User gets logged out after a period of time while working on a Constellation application. This issue occurs even when the user is active. Additionally, Login to continue dialog window displays on the screen.
Explanation
Set refresh token from IDP gets enabled by default when the OAuth client registration happens in the backend when a Constellation application is being created. However, there can be use cases where IDP does not share refresh token during Authentication phase or the SSO might have not been implemented in the environment.
Solution
Update the OAuth2 client registration rule instance by following either of the following steps:
- Set Token issuance to Issue a new refresh token and reset expiry
- Disable Set refresh token expiry from IDP session expiry - When this is enabled (by default), the system ignores the value set for Refresh token lifetime (in seconds) in the Token expiry section and gets the value from the IDP. There can be use cases where IDP is not sharing refresh token during authentication phase or SSO might have not been implemented and the defaulted timeout is too short.
For more information, refer to the following articles: