Set quarkus.oidc.authentication.session-age-extension
to a larger value by default and clarify its purpose
#41130
Labels
Description
The role of
quarkus.oidc.authentication.session-age-extension
is not to extend the real session's age (ID token's age) but to make sure this token is available to Quarkus for a re-verification, possible auto-refresh, etc, even if the ID token expired.Implementation ideas
Set to say 8 hours by default, and it will eliminate a lot of OIDC related session queries and concerns.
Also make it much clearer in the docs...
The text was updated successfully, but these errors were encountered: