Reset Idle Timeout

A flag for whether an agent configured in SSO-only mode should refresh the user’s session idle time when the user accesses a protected resource.

AM sessions have an idle timeout after which they expire. When users access protected resources through an agent, the agent requests a policy decision on behalf of that user, which resets the idle timeout.

If the agent is configured in SSO-only mode, the session may unexpectedly expire in AM due to idle timeout before the user has finished accessing the application.

Set this property to true to refresh the timeout when the user performs an action.

When set to true, the agent makes an additional call to AM; this may cause a performance impact. Configure this property only if:

  • The agent is configured in SSO-only mode

  • User’s sessions are timing out in AM because they are unexpectedly reaching the maximum idle timeout value.

Default: false

Property name

com.forgerock.agents.call.session.refresh

Property aliases

com.forgerock.agents.call.session.refresh (since 5.7)

Type

Boolean: true returns true; all other strings return false.

Bootstrap property

No

Required property

No

Restart required

No

AM console tab

Global (Available in the console from AM 6.5)