ForgeRock Identity Platform
Does not apply to Identity Cloud

Core Token Service (CTS) and sessions in AM

This book provides information on the CTS and sessions in AM, including best practice advice for configuring CTS.

Printer friendly view

Table of Contents

  • 1 CTS Configuration
    • 1.1 Best practice for using Core Token Service (CTS) Affinity based load balancing in AM (All versions)
    • 1.2 Best practice for configuring an external DS instance for the Core Token Service (CTS) in AM 5.x and 6
    • 1.3 How do I configure an external CTS token store in AM (All versions) using Amster or ssoadm?
  • 2 CTS Token Types
    • 2.1 How do I know what LDAP attributes are used by CTS tokens (OAuth2 and session) in AM (All versions)?
    • 2.2 How do I know what OAuth2 and session token types are stored in the CTS in AM (All versions)?
    • 2.3 How do I delete all or some of the tokens in the CTS store in AM (All versions)?
  • 3 Sessions Configuration
    • 3.1 Best practice for configuring sessions in AM (All versions) to reduce the impact on the CTS store
    • 3.2 How do I change the session cookie name for AM and Agents (All versions)?
    • 3.3 How do I configure session timeouts in AM (All versions)?
    • 3.4 How do I configure realm level session timeouts in AM (All versions)?
    • 3.5 How do I configure user-level session timeouts in AM (All versions)?
    • 3.6 How do I configure the login page session timeout in AM 5.5.x, 6.x and 7.x when using authentication trees?
    • 3.7 How do I configure login page session timeouts in AM (All versions) when using authentication modules?
    • 3.8 How do I enable Client-based sessions in AM (All versions)?
    • 3.9 How do I change the location of the stats logs in AM (All versions)?
    • 3.10 How do I clear stats logs in AM (All versions)?
    • 3.11 How do I stop stats logging in AM (All versions)?
  • 4 Session Details
    • 4.1 How do I validate session tokens and obtain session details using the REST API in AM (All versions)?
    • 4.2 How do I retrieve user attributes from a session using the REST API in AM (All versions)?
    • 4.3 How do I authenticate to another chain but keep the same session token in AM (All versions)?
    • 4.4 How do I monitor session statistics in AM (All versions)?
  • 5 Frequently Asked Questions
    • 5.1 FAQ: Core Token Service (CTS) and session high availability in AM
  • 6 Known Issues
    • 6.1 Agent and IG session numbers keep growing in the CTS store in AM (All versions)
    • 6.2 CTS: Timed out whilst waiting for result errors in AM (All versions)
    • 6.3 ERROR: CTS Async: Task Processor Error: interrupt detected when shutting down AM (All versions)
    • 6.4 Continuous query listener has lost its connection and insufficient access rights errors in AM 5.x and 6.0.x
    • 6.5 Session quotas not limiting active user sessions in AM (All versions) when persistent cookies are used