Use the Purge Expired Data plugin to delete values of an attribute that have expired. For example, an application can track information about an employee’s session and then expire the session after 24 hours. There can be multiple active sessions tracked across different devices with session information as shown in the following example.

In this example, the LDAP attribute is sessioninfo and the JSON field that stores the timestamp is creationTime. These are used to configure the Purge Expired Data plugin.

sessionInfo: { “sessionId” : “E85FAC04E331FFCA55549B10B7C7A4FA”,
"ipAddress": "10.0.0.00", "userAgent": "Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us)
AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10",
“creationTime” : “2018-03-31T13:10:15Z” }

Create the plugin to purge the JSON attribute values after 24 hours, rather than the entire session entry.

  1. Create an index on the creationTime field of the sessioninfo attribute.
    $ bin/dsconfig create-json-attribute-constraints \
      --attribute-type sessioninfo \
      --set enabled:true
    $ bin/dsconfig create-json-field-constraints \
      --attribute-type sessioninfo \
      --json-field creationTime \
      --set index-values:true \
      --set value-type:string
  2. Create and enable the plugin.
    $ bin/dsconfig create-plugin \
      --plugin-name "Purge Old Session Data Plugin" \
      --type purge-expired-data \
      --set enabled:true \
      --set "custom-datetime-format:yyyy-MM-dd'T'HH:mm:ss'Z'" \
      --set datetime-attribute:sessioninfo \
      --set datetime-format:custom \
      --set datetime-json-field:creationTime \
      --set "expiration-offset:1 d" \
      --set purge-behavior:delete-json-attribute-values