Is the Universal Login state parameter timeout configurable?


The state parameter points to a record in an internal database where we track the status of the authorization transaction. Whenever the transaction completes, or after a set time passes, the record is deleted from the internal database.

Is the value for “set time passes” documented anywhere, or do we know what it is? And is it configurable?

1 Like

Hi @markd,

I found an internal reference saying it is tied to the Inactivity timeout settings. I tested it and had some success limiting the length of state’s ttl. I think the issue would be that this settings has greater effect than just the state’s ttl.

Can you share your use case?

1 Like

Use case: I want the state parameter to time out quickly so I can test the tenant and application default login URIs.

1 Like

If this is just for testing you can try setting the timeouts to 1 and it should make that process easier. Would that do it?

That should work! Thanks Dan.

1 Like