This topic describes how to configure the token or cookie settings for a realm. In the Forms Authentication section, set the following configurations. Set whether to require SSL to view the token (True / False). Set the expiration of the cookie: The Name, Login URL, and Domain fields do not require configuration. In the Machine Key section, set the following configurations. False - Session Cookie – Cookie is valid as long as the session is open. It will expire when browser closes or the session expires. The other fields do not require configuration. Prerequisites
Identity Platform configuration
Require SSL Cookieless Choose how the Identity Platform sends the token in a cookie to the user's browser or device: Sliding Expiration Timeout Set time in minutes, how long a cookie is valid. Validation Keep the default value as SHA1. Otherwise, choose another value (MD5, 3DES, or AES) if required. Decryption Keep the default value as Auto. Otherwise, choose another value (DES, 3DES, or AES) if required.