To deactivate or effectively disable the

privileged_session_max_age

in the Ory configuration, you can set its value to a very large duration. This approach essentially makes the privileged session last for an extremely long time, effectively disabling the feature. Here's how you can do it: 1. Using the Ory CLI:

ory patch oauth2-config --project <project-id> --workspace <workspace-id> \   --replace '/selfservice/flows/settings/privileged_session_max_age="87600h"'

This sets the

privileged_session_max_age

to 10 years (87600 hours), which is practically equivalent to disabling it. 2. Alternatively, if you're using a configuration file, you can modify the

kratos.yml

file:

yaml selfservice:   flows:     settings:       privileged_session_max_age: 87600h

Remember that completely disabling or setting an extremely long duration for the privileged session max age might have security implications. The privileged session feature is designed to protect sensitive operations by requiring re-authentication after a certain period. By effectively disabling it, you're removing this security measure. It's important to note that this setting is different from the session's Authenticator Assurance Level (AAL) or the overall session lifespan. The

privileged_session_max_age

specifically relates to how long a session is considered privileged for certain sensitive operations [Ory Kratos User Settings & Profile Management Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-settings). Always consider the security implications of such changes and ensure they align with your application's security requirements.