how to set authorization code timeout ?
590 views
Skip to first unread message
suanhwee
Mar 11, 2024, 5:32:22 AM3/11/24
to Keycloak User
How do i set the authorization code timeout to 10seconds and below?
context:
https://www.keycloak.org/docs/21.1.2/server_admin/index.html#compromised-access-and-refresh-tokensunder the heading Compromised authorization code
"On the timeouts page in the Admin Console, you can specify the length of time an authorization code is valid. Ensure that the length of time is less than 10 seconds, which is long enough for a client to request a token from the code."
thanks
Andrey M.
Mar 11, 2024, 6:32:42 AM3/11/24
to Keycloak User
Hi.
In the session and token timeouts section there's the "Client login timeout" option visible on the 2nd screenshot.
I believe this is what you're looking for. It's set to 1 minute by default.
Reply all
Reply to author
Forward
0 new messages