Documentation


This topic describes how to configure the token or cookie settings for a realm.

Prerequisites

  • SecureAuth® Identity Platform / SecureAuth IdP version 9.0 and later
  • Realm created for single-sign on (SSO)


Identity Platform configuration

  1. Go to the Post Authentication tab.
  2. In the Forms Auth / SSO Token section, click the View and Configure FormsAuth keys/SSO token link.
  3. In the Forms Authentication section, set the following configurations. 

    Require SSL

    Set whether to require SSL to view the token (True / False).

    CookielessChoose how the Identity Platform sends the token in a cookie to the user's browser or device:
    • UseCookies –  Always send a cookie. 
    • UseUri – Do not send a cookie. Instead, send the token in a query string. 
    • AutoDetect – Send a cookie if the user settings allow it.
    • UseDeviceProfile – Deliver a cookie if the browser settings allow it, regardless of the user settings.
    Sliding Expiration

    Set the expiration of the cookie: 

    • True – Cookie remains valid as long as the user is interacting with the page. 
    • False – Cookie is allowed to expire and user must reauthenticate. 
    TimeoutSet time in minutes, how long a cookie is valid.

    The Name, Login URL, and Domain fields do not require configuration. 

  4. In the Machine Key section, set the following configurations. 

    ValidationKeep the default value as SHA1. Otherwise, choose another value (MD5, 3DES, or AES) if required.
    DecryptionKeep the default value as Auto. Otherwise, choose another value (DES, 3DES, or AES) if required.

  5. In the Authentication Cookies section, set Persistent to one of the following values:
    • True - Expires after Timeout – Cookie is persistent. 
    • False - Session Cookie – Cookie is valid as long as the session is open. It will expire when browser closes or the session expires.

      The other fields do not require configuration. 

  6. Save your changes. 

  • No labels