--- title: Configuring the PingAuthorize admin console description: Configure the PingAuthorize admin console according to your business requirements. component: pingauthorize version: 11.0 page_id: pingauthorize:pingauthorize_server_administration_guide:paz_config_admin_console canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_config_admin_console.html revdate: December 16, 2025 section_ids: steps: Steps choose-from: Choose from: example-setting-console-timeout: "Example: Setting the session timeout" steps-2: Steps steps-3: Steps --- # Configuring the PingAuthorize admin console After you've installed the PingAuthorize Server and signed onto the PingAuthorize admin console, configure the console according to your business requirements. The following table describes the available configuration properties for the admin console: > **Collapse: Configuration settings** > > | Setting | Description | > | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | `spring.*` | Learn more about these properties in the [Spring API documentation](https://docs.spring.io/spring-boot/appendix/application-properties/index.html).You shouldn't modify these settings. | > | `management.server.base-path` | Controls the prefix of the Spring Boot Actuator endpoints of the admin console application.You shouldn't modify this setting. | > | `logging.level.*` | Controls the severity level of messages logged about these packages. | > | `log.console` | If this is set to `true`, the admin console logs messages to a file. | > | `log.file` | If logging is enabled, this specifies the file that the admin console logs to. | > | `login.hide-server` | If this is set to `true`, the **Server** field is hidden on the sign-on page. | > | `branding.appName` | Specifies the name displayed by the admin console. | > | `ldap.server` | Auto-populates the 'server' field on the sign-on page.If `login.hide-server=true`, this value determines which PingAuthorize Server the admin console tries to bind to. | > | `ldap.init-user` | Auto-populates the **Username** field on the sign-on page. | > | `ldap.init-password` | Auto-populates the **Password** field on the sign-on page. | > | `ldap.trust-store-file` | Specifies the file path to the trust store used when binding to the PingAuthorize Server. | > | `ldap.trust-store-type` | Specifies the type of trust store defined by `trust-store-file`. | > | `ldap.trust-store-pin` | Specifies the password used with the trust store defined by `trust-store-file`. | > | `ldap.trust-store-pin-environment-variable` | Specifies the environment variable containing the password used with the trust store defined by `trust-store-file`. | > | `ldap.file-servlet-name` | Specifies the name of the file servlet on the managed PingAuthorize Server to use when fetching generated `collect-support-data` (CSD) or server profiles. | > | `ldap.csd-task-enabled` | If this is set to `true`, the admin console displays a button for running a `collect-support-data` task. | > | `ldap.csd-destination-folder` | The file path to the folder where the managed PingAuthorize Server stores generated CSD files after running the `collect-support-data` task. | > | `configuration.complexity` | Determines the maximum complexity level for displayed configuration objects.The allowed values are `basic`, `standard`, `advanced`, and `expert`. The default value is `expert`. | > | `server.servlet.session.timeout` | The amount of time a web session can remain idle before the user must sign on again. The time is set in seconds unless you specify a time interval (**h** for hours or **m** for minutes). If unspecified, the default is 30 minutes. | > | `system.readOnly` | Specifies whether to configure the admin console in read-only mode. | To configure the admin console: ## Steps 1. Edit the admin console's configuration properties. ### Choose from: * Modify the `tmp/console/webapp/WEB-INF/classes/application.yml` file. * In the admin console, set `init-parameter` values for the desired configuration properties, following the same steps described in [Example: Setting the session timeout](#example-setting-console-timeout). 2. Restart the PingAuthorize Server for your changes to take effect. ## Example: Setting the session timeout The default session timeout for the admin console is 30 minutes. When this duration is exceeded, all inactive users are logged off automatically. To set a different timeout value, configure the `server.servlet.session.timeout` application parameter, which specifies the timeout duration in seconds. You can set this value as an `init` parameter either in the admin console or on the command line. * Admin console * Command line ### Steps 1. In the PingAuthorize admin console, click **Configuration** in the sidebar. 2. Enable the **Show all configuration** toggle. 3. In the **Web Services and Applications** section, click **Web Application Extensions**. 4. Click **Console**. 5. In the **Init Parameter** field, enter `server.servlet.session.timeout=`. Replace \ with the desired timeout duration in seconds. 6. Click **Save**. ### Steps * Use the `dsconfig set-web-application-extension-prop` command with the following arguments: ``` dsconfig set-web-application-extension-prop --no-prompt \ --extension-name Console \ --add init-parameter:server.servlet.session.timeout= ``` Replace \ with the desired timeout duration in seconds.