-
Notifications
You must be signed in to change notification settings - Fork 938
config properties session
v1.3.1
object (session)
| Property | Type | Required | Nullable | Defined by |
|---|---|---|---|---|
| audience | array |
Optional | cannot be null | Config |
| cookie | object |
Optional | cannot be null | Config |
| enable_auth_token_header | boolean |
Optional | cannot be null | Config |
| issuer | string |
Optional | cannot be null | Config |
| lifespan | string |
Optional | cannot be null | Config |
| server_side | object |
Required | cannot be null | Config |
audience is a list of strings that identifies the recipients that the JWT is intended for.
The audiences are placed in the aud claim of the JWT.
If not set, it defaults to the value of thewebauthn.relying_party.id configuration parameter.
audience
-
is optional
-
cannot be null
string[]
cookie contains configuration for the session cookie issued on successful registration or login.
cookie
-
is optional
-
cannot be null
object (Details)
enable_auth_token_header determines whether a session token (JWT) is returned in an X-Auth-Token
header after a successful authentication. This option should be set to true if API and client applications
run on different domains.
enable_auth_token_header
-
is optional
-
cannot be null
boolean
issuer is a string that identifies the principal (human user, an organization, or a service)
that issued the JWT. Its value is set in the iss claim of a JWT.
issuer
-
is optional
-
cannot be null
string
lifespan determines the maximum duration for which a session token (JWT) is valid. It must be a (possibly signed) sequence of decimal
numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m".
Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
lifespan
-
is optional
-
cannot be null
string
The default value is:
"12h"server_side contains configuration for server-side sessions.
server_side
-
is required
-
cannot be null
object (Details)