Overview
Sometimes, a customer will want to perform selective session and/or refresh token expiry modifications depending on business needs. This can be best performed in Action code. This article provides an example of using Action code to change all session and refresh token expiry.
Applies To
- Sessions
- Refresh Tokens
Solution
Below is example Action code that changes all session and refresh token expiry (absolute and idle). This is set using the absolute timestamp, which references the current instance of time (during Action execution) then adding the desired time.
For ease of reference, the examples below add 10 seconds to the current time.
exports.onExecutePostLogin = async (event, api) => {
const created = new Date().getTime();
console.log("Created date: "+ created);
const set10seconds = created + Number("10000"); // Current date + how many milliseconds (1000 in a second) [10 seconds]
// Session - Direct Expiry
api.session.setExpiresAt(set10seconds);
// Session - Idle Expiry
api.session.setIdleExpiresAt(set10seconds);
// Refresh token - Direct Expiry
api.refreshToken.setExpiresAt(set10seconds);
// Refresh token - Idle Expiry
api.refreshToken.setIdleExpiresAt(set10seconds);
};