Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi folks! I'm working on integrating our SPA's with Kratos and migrating fully to Kratos for our identity management.

We target keeping short-lived cookies for our apps (30 min). In our current set up, any time the user makes a successfully authenticated request, their session is renewed and the "timer" resets (cookie has a new, later expiration date etc). Have folks implemented this type of behavior with Kratos yet?

I see these issues in github which seem relevant, seems like this is functionality we need to roll ourselves?

• <https://github.com/ory/kratos/issues/3246>
• <https://github.com/ory/kratos/discussions/3837#discussioncomment-9899854>
• <https://github.com/ory/docs/issues/1743> (documentation related)