Access Management 7.3.2

Configure in-memory authentication sessions

Authentication chains always store authentication sessions in AM’s memory. Perform the steps in the following procedure only for realms that configure authentication trees:

  1. Ensure you have configured AM for sticky load balancing.

    For more information, see Load balancing.

  2. In the AM admin UI, go to Realms > Realm Name > Authentication > Settings > Trees.

  3. From the Authentication session state management scheme drop-down list, select In-Memory.

  4. In the Max duration (minutes) field, enter the maximum life of the authentication session in minutes.

  5. Save your changes.

  6. Go to Configure > Authentication > Core > Security.

  7. In the Organization Authentication Signing Secret field, enter a base64-encoded HMAC secret that AM uses to sign the JWT that is passed back and forth between the client and AM during the authentication process. The secret must be, at least, 128-bits in length.

  8. Save your changes.