<@U04UQ68083H> How can I deactivate the privilege...
# ory-copilot
@chilly-king-10285 How can I deactivate the privileged_session_max_age in the configuration?
A message from kapa.ai
To deactivate or effectively disable the `privileged_session_max_age` in the Ory configuration, you can set its value to a very large duration. This approach essentially makes the privileged session last for an extremely long time, effectively disabling the feature. Here's how you can do it:

1. Using the Ory CLI:

```
# privileged_session_max_age is an identity (Kratos) setting, so patch identity-config
ory patch identity-config --project <project-id> --workspace <workspace-id> \
  --replace '/selfservice/flows/settings/privileged_session_max_age="87600h"'
```

This sets the `privileged_session_max_age` to 10 years (87600 hours), which is practically equivalent to disabling it.

2. Alternatively, if you're using a configuration file, you can modify the `kratos.yml` file:

```yaml
selfservice:
  flows:
    settings:
      privileged_session_max_age: 87600h
```

Remember that completely disabling or setting an extremely long duration for the privileged session max age might have security implications. The privileged session feature is designed to protect sensitive operations by requiring re-authentication after a certain period. By effectively disabling it, you're removing this security measure.

It's important to note that this setting is different from the session's Authenticator Assurance Level (AAL) or the overall session lifespan. The `privileged_session_max_age` specifically relates to how long a session is considered privileged for certain sensitive operations [Ory Kratos User Settings & Profile Management Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-settings).

Always consider the security implications of such changes and ensure they align with your application's security requirements.
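
A configuration check for the setting discussed in the reply above, as an added example that is not part of the original thread or of Ory's code: it reads a `kratos.yml`, parses the Go-style duration and flags a `privileged_session_max_age` above a policy limit. The one-hour limit, the function names and the minimal nested-mapping YAML walker are assumptions for illustration.

```python
import re

# Go duration units used by Kratos duration fields, expressed in seconds.
_UNITS = {"ns": 1e-9, "us": 1e-6, "µs": 1e-6, "ms": 1e-3, "s": 1, "m": 60, "h": 3600}
_TOKEN = re.compile(r"(\d+(?:\.\d+)?)(ns|us|µs|ms|s|m|h)")
KEY_PATH = ["selfservice", "flows", "settings", "privileged_session_max_age"]

def go_duration_seconds(text):
    """Convert a Go duration string such as '87600h' or '1h30m' to seconds."""
    text = text.strip().strip("\"'")
    tokens = _TOKEN.findall(text)
    if not tokens or "".join(n + u for n, u in tokens) != text:
        raise ValueError(f"not a Go duration: {text!r}")
    return sum(float(n) * _UNITS[u] for n, u in tokens)

def find_value(yaml_text, path):
    """Return the scalar at `path` in a plain nested-mapping YAML, or None."""
    stack = []  # (indent, key) pairs for the mappings currently open
    for raw in yaml_text.splitlines():
        line = raw.split(" #")[0].rstrip()  # drop inline comments
        if not line.strip() or line.lstrip().startswith("#") or ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave mappings that ended at this indent level
        stack.append((indent, key.strip()))
        if [k for _, k in stack] == path and value.strip():
            return value.strip()
    return None

def audit(yaml_text, max_seconds=3600):
    """Return (ok, message). max_seconds is an assumed policy, not an Ory value."""
    value = find_value(yaml_text, KEY_PATH)
    if value is None:
        return True, "privileged_session_max_age not set; Kratos default applies"
    if go_duration_seconds(value) > max_seconds:
        return False, f"privileged_session_max_age={value} exceeds policy of {max_seconds}s"
    return True, f"privileged_session_max_age={value} within policy"

# Constructed sample: the kratos.yml fragment suggested in the reply above.
SAMPLE = """\
selfservice:
  flows:
    settings:
      privileged_session_max_age: 87600h  # ten years
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run as a CI step against the deployed `kratos.yml`, a failing result surfaces a change that removes re-authentication for sensitive settings updates before it ships.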