The default value for TokenLifetime on a RP trust is 0. But what value is 0?
As usual, a heap of garbage via Google.
60 minutes, 300 minutes, 600 minutes, 10 hours ...
Using ADFS 4.0 and looking at a SAML RP, we get:
Conditions NotBefore="2017-09-12T19:24:01.817Z"
NotOnOrAfter="2017-09-12T20:24:01.817Z"
So the correct answer is 1 hour = 60 minutes.
Note: Don't confuse this with the ADFS wide WebSSOLifetime. This is a server wide timeout parameter.
The default value for that = 8 hours = 480 minutes.
Enjoy!
4 comments:
This seriously helped me. Like you, i had to go through a heap of garbage and misinformation. Thanks!
Thanks a lot! Like you, i had to go through a heap of misinformation.
Wow, thank you, this also saved me a ton of time!
Ditto !!!!
Post a Comment