How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I enable Client-based sessions in AM (All versions)?

Last updated Apr 13, 2021

The purpose of this article is to provide instructions for enabling client-based sessions in AM. Client-based sessions were referred to as stateless sessions in AM 5.x.


1 reader recommends this article

Enabling client-based sessions

You can enable client-based sessions at a global level or at a realm level, where realm level settings override the global settings for the specific realm.

Global level

You can configure client-based sessions at the global level using either the console, Amster or ssoadm:

  • AM 6 and later console: navigate to: Configure > Authentication > Core Attributes > General and enable Use Client-based Sessions.
  • AM 5.x console: navigate to: Configure > Authentication > Core Attributes > General and enable Use Stateless Sessions.
  • Amster: follow the steps in How do I update property values in AM (All versions) using Amster? with these values:
    • Entity: Authentication
    • Property: statelessSessionsEnabled
  • ssoadm: enter the following command: $ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t organization -u [adminID] -f [passwordfile] -a openam-auth-stateless-sessions=truereplacing [adminID] and [passwordfile] with appropriate values.

Realm level 

You can configure client-based sessions at the realm level using either the console, Amster or ssoadm​​​​​​​:

  • AM 6 and later console: navigate to: Realms > [Realm Name] > Properties and enable Use Client-based Sessions.
  • AM 5.x console: navigate to: Realms > [Realm Name] > Properties and enable Use Stateless Sessions.
  • Amster: follow the steps in How do I update property values in AM (All versions) using Amster? with these values:
    • Entity: Authentication
    • Property: statelessSessionsEnabled​​​​​​​
  • ssoadm: enter the following command: $ ./ssoadm set-realm-svc-attrs -s iPlanetAMAuthService -e [realmname] -u [adminID] -f [passwordfile] -a openam-auth-stateless-sessions=truereplacing [realmname], [adminID] and [passwordfile] with appropriate values.

See Also

FAQ: Cookies in AM

Sessions Guide › Choosing Where to Store Sessions.

Sessions Guide › Introducing Sessions

Security Guide › Configuring Client-Based Session Blacklisting

Authentication and Single Sign-On Guide › Core Authentication Attributes

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.