Configuration of the session/login subsystem.
Sessions are not required by the REST API, but can be used if set up. A session is effectively just a cookie that links to a JWT generated by the login handler.
Session data can be stored either in memory or in a database, depending on whether or not is set.
Name |
Type |
Details |
boolean |
Set the flag to indicate that a session is required for all REST API calls. |
|
The purging period for the session data. A scheduled task is set up to run this often that will remove any expired sessions from both the in-memory cache and the database. |
||
int |
Length of the state passed in to the OAuth authentication endpoint. |
|
int |
Length of the PKCE code verifier passed in to the OAuth authentication endpoint. |
|
int |
Length of the nonce passed in to the OAuth authentication endpoint. |
|
Map of OAuth endpoints that the user can choose from when logging in. |
||
Configuration of the cookie used for the session. |