Enable SSO Only Mode

A flag to enable SSO only mode:

  • true: The agent manages only user authentication. The filter invokes the AM Authentication Service to verify the identity of the user. If the user’s identity is verified, the user is issued a session token through AM’s Session Service.

  • false: The agent manages user authorization, by using the policy engine in AM.

In SSO-only mode, consider configuring Reset Idle Timeout.

Default: false

Property name

com.sun.identity.agents.config.sso.only

Property aliases

com.sun.identity.agents.config.sso.only (since 4.x)

Type

Boolean: true returns true; all other strings return false.

Bootstrap property

No

Required property

No

Restart required

No

AM console tab

Global