Configure token or cookie settings
This topic describes how to configure the token or cookie settings for a realm.
Prerequisites
SecureAuth® Identity Platform / SecureAuth IdP version 9.3 or later
Realm created for single-sign on (SSO)
Identity Platform configuration
In Advanced Settings (formerly Classic Experience), go to the Post Authentication tab.
In the Forms Auth / SSO Token section, click the View and Configure FormsAuth keys/SSO token link.
In the Forms Authentication section, set the following configurations.
Require SSL
Set whether to require SSL to view the token (True / False).
Cookieless
Choose how the Identity Platform sends the token in a cookie to the user's browser or device:
UseCookies – Always send a cookie.
UseUri – Do not send a cookie. Instead, send the token in a query string.
AutoDetect – Send a cookie if the user settings allow it.
UseDeviceProfile – Deliver a cookie if the browser settings allow it, regardless of the user settings.
Sliding Expiration
Set the expiration of the cookie:
True – Cookie remains valid as long as the user is interacting with the page.
False – Cookie is allowed to expire and user must reauthenticate.
Timeout
Set time in minutes, how long a cookie is valid.
Tip
The Name, Login URL, and Domain fields do not require configuration.
In the Machine Key section, set the following configurations.
Validation
Keep the default value as SHA1. Otherwise, choose another value (MD5, 3DES, or AES) if required.
Decryption
Keep the default value as Auto. Otherwise, choose another value (DES, 3DES, or AES) if required.
In the Authentication Cookies section, set Persistent to one of the following values:
True - Expires after Timeout – Cookie is persistent.
False - Session Cookie – Cookie is valid as long as the session is open. It will expire when browser closes or the session expires.
The other fields do not require configuration.
Save your changes.