In the Kratos open-source setup, the lifespan of an authenticated session after login is set up in the configuration file. The session lifespan is expressed in hours, minutes, and seconds. You can use a combination of these units to define the desired lifespan. For example:

72h

,

10m

,

12s

,

1h13m3s

. To change the session lifespan, you can use the Ory Console or Ory CLI. In the Ory Console, go to Session Settings, enter the desired lifespan, and click the Save button. For the Ory CLI, follow these steps: 1. Download the Ory Identities config from your project and save it to a file:

bash ## List all available projects   ory list projects      ## Get config   ory get identity-config {project-id} --format yaml > identity-config.yaml

2. Update the configuration value for session lifespan property to the desired value in the

config.yml

file:

bash session:   cookie:    domain: {project.slug}.<http://projects.oryapis.com|projects.oryapis.com>    name: ory_session_{name}    path: /    persistent: false    same_site: Lax   lifespan: 720h

3. Update the Ory Identities configuration using the file you worked with:

bash ory update identity-config {project-id} --file identity-config.yaml

For more details, you can refer to the [Ory documentation](https://www.ory.sh/docs/kratos/session-management/session-lifespan).

Yes, after following the steps mentioned above, the lifespan of the session is updated in the local Kratos setup. The

lifespan

property in the

config.yml

file determines the duration of the session. When you update this value and apply the changes using the Ory CLI, the new session lifespan is set in your local Kratos setup. Remember, when the session lifespan expires, the user must re-authenticate. The session lifespan is expressed in hours, minutes, and seconds. For example, to set the session lifespan to 30 days, you would enter

720h

. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/kratos/session-management/session-lifespan).

If you have updated the

identity-config

using the

ory update identity-config

command and the session expiration is still after one day, it's possible that the changes might not have been applied correctly or the session lifespan might be getting overridden somewhere else. Here are a few things you can check: 1. Configuration File: Ensure that the

lifespan

property under

session

in your

identity-config.yaml

file is set to the desired value. For example, if you want the session to last for 30 days, it should be

lifespan: 720h

. 2. Command Execution: Make sure the

ory update identity-config

command was executed without any errors. If there were any issues during the execution, they need to be resolved. 3. Session Refresh: In Ory Kratos, you can limit the time in which the session can be refreshed by adjusting the

earliest_possible_extend

configuration. If you set

earliest_possible_extend

to

24h

, sessions can't be refreshed sooner than 24 hours before they expire. Check this setting in your configuration. 4. Other Configurations: Check if there are any other configurations that might be overriding the session lifespan. For example, the session cookie

max-age

is by default the same as the set session lifespan. If you have set the

session/cookie/persistent

value to

false

, it allows you to define a different cookie

max-age

. If you're still facing issues, I would recommend referring back to the [Ory Kratos documentation](https://www.ory.sh/docs/kratos/) or seeking help from the Ory community.