Login Session

Owned by Jiří Kaňka
Apr 05, 2024
2 min read

The login process schema is following:

logout-inactivity.drawio.png

Notes:

  • After successful login, a JWT token is created. This token will expire after 30 minutes by default. This can be changed on the server side. When the token expires, the user is automatically logged out.

  • It is possible to notify users after they log out that all browser windows must be closed to complete logging out when using SSO. To display a notification on the logout page, use enableLogoutAlert in feature flags. If you want the users to be redirected after logout to other page than the Pricefx login page, enable the feature flag useCustomLogoutURL and set the required URL in the customLogoutURL feature flag.
    Note that if a custom logout page is set, the logout security notification is not displayed.

  • If you want to prolong the session, you can enable the option “Disable automatic relogin of web UI” in General Settings:

    Screenshot 2024-04-02 at 21.04.57.png

    If this option is not disabled, it sends a PING request every 4.5 minutes to keep the user logged in and the session never expires.

  • Be aware of the setting “CSRF Blocker” on your partition. If it is enabled, it can happen that the PING request will not prolong the session as expected.

Found an issue in documentation? Write to us.