'Inactivity timeout' and 'require login after' tenant settings look incorrect

Problem statement

I have used the dashboard to update my tenant’s ‘Inactivity timeout’ and ‘require login after’ settings. I chose to configure 30 minutes for both of these time-out intervals.
However, the behavior of this endpoint is not what I expected, so I have two questions that I would like to ask:

  1. When I go to the Management API and retrieve these settings using the Get tenant settings endpoint, it seems to return some fractional values.

"idle_session_lifetime": 0.5,
"session_lifetime": 0.5,

Given that I set each of these in the dashboard as 30 minutes, how should I interpret these values?

  2. I have tried to update the tenant settings via the Management API and pass in the same or similar fractional values (for example 0.75, 0.75), but I receive validation errors that only integers are allowed for these two fields, even though they're returned as fractions:

"400: Payload validation error: 'Expected type integer but found type number' on property session_lifetime (Number of hours a session will stay valid). (also) Payload validation error: 'Expected type integer but found type number' on property idle_session_lifetime (Number of hours for which a session can be inactive before the user must log in again)."

If I want to use the update tenant settings endpoint to set these time-out values, what number format will the API accept?

Solution

The ‘Inactivity timeout’ and ‘Require login after’ settings are defined as follows:

  • The Dashboard interface: values are defined as integer minutes:
    – So for example you might specify 60, 90.
    – See Configure Session Lifetime Settings.

  • The Get tenant settings endpoint: returns the values in hours, represented as fractions.
    – So for example, the API might return 0.5, 0.75 for these settings.

We are aware of this inconsistency and intend to address this in the future.

To update the ‘Inactivity timeout’ and ‘Require login after’ settings via the Management API, as documented here:

https://auth0.com/docs/api/management/v2/tenants/patch-settings

you must specify the values in whole minutes (e.g. 90, 120).
