flaky-kilobyte-10585
11/18/2024, 1:28 PM
brief-egg-61061
11/18/2024, 1:28 PM
brief-egg-61061
11/18/2024, 1:29 PM
`privileged_session_max_age` in the Ory configuration, you can set its value to a very large duration. This approach essentially makes the privileged session last for an extremely long time, effectively disabling the feature. Here's how you can do it:

1. Using the Ory CLI:

```
# privileged_session_max_age is an identity (Kratos) setting, so it is patched via identity-config
ory patch identity-config --project <project-id> --workspace <workspace-id> \
  --replace '/selfservice/flows/settings/privileged_session_max_age="87600h"'
```

This sets the `privileged_session_max_age` to 10 years (87600 hours), which is practically equivalent to disabling it.

2. Alternatively, if you're using a configuration file, you can modify the `kratos.yml` file:

```yaml
selfservice:
  flows:
    settings:
      privileged_session_max_age: 87600h
```

Remember that completely disabling or setting an extremely long duration for the privileged session max age might have security implications. The privileged session feature is designed to protect sensitive operations by requiring re-authentication after a certain period. By effectively disabling it, you're removing this security measure.

It's important to note that this setting is different from the session's Authenticator Assurance Level (AAL) or the overall session lifespan. The `privileged_session_max_age` specifically relates to how long a session is considered privileged for certain sensitive operations [Ory Kratos User Settings & Profile Management Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-settings).

Always consider the security implications of such changes and ensure they align with your application's security requirements.