RHIDP-5491 configure expiry on refresh token cookie (redhat-developer#899)

themr0c · web-flow · commit 9a381cbf7eff · 2025-03-07T16:44:56.000+01:00
Signed-off-by: Fabrice Flore-Thébault &lt;ffloreth@redhat.com&gt;
diff --git a/modules/authentication/proc-enabling-authentication-with-github.adoc b/modules/authentication/proc-enabling-authentication-with-github.adoc
@@ -161,6 +161,20 @@ auth:
 ----
 ////
 
+`sessionDuration`::
+Lifespan of the user session.
+Enter a duration in `ms` library format (such as '24h', '2 days'), ISO duration, or "human duration" as used in code.
++
+.`app-config-rhdh.yaml` fragment with optional `sessionDuration` field
+[source,yaml,subs="+quotes"]
+----
+auth:
+  providers:
+    github:
+      production:
+        sessionDuration: { hours: 24 }
+----
+
 [TIP]
 ====
 To enable GitHub integration with a different authentication provider, complete the following configurations:
diff --git a/modules/authentication/proc-enabling-authentication-with-microsoft-azure.adoc b/modules/authentication/proc-enabling-authentication-with-microsoft-azure.adoc
@@ -133,6 +133,21 @@ auth:
         additionalScopes:
            - Mail.Send
 ----
+
+`sessionDuration`::
+Lifespan of the user session.
+Enter a duration in `ms` library format (such as '24h', '2 days'), ISO duration, or "human duration" as used in code.
++
+.`app-config-rhdh.yaml` fragment with optional `sessionDuration` field
+[source,yaml,subs="+quotes"]
+----
+auth:
+  providers:
+    microsoft:
+      production:
+        sessionDuration: { hours: 24 }
+----
+
 --
 
 [NOTE]
diff --git a/modules/authentication/proc-enabling-authentication-with-rhbk.adoc b/modules/authentication/proc-enabling-authentication-with-rhbk.adoc
@@ -163,6 +163,20 @@ auth:
 ----
 --
 
+`sessionDuration`::
+Lifespan of the user session.
+Enter a duration in `ms` library format (such as '24h', '2 days'), ISO duration, or "human duration" as used in code.
++
+.`app-config-rhdh.yaml` fragment with optional `sessionDuration` field
+[source,yaml,subs="+quotes"]
+----
+auth:
+  providers:
+    github:
+      production:
+        sessionDuration: { hours: 24 }
+----
+
 `auth.backstageTokenExpiration`::
 --
 To modify the {product-short} token expiration from its default value of one hour, note that this refers to the validity of short-term cryptographic tokens, not the session duration. The expiration value must be set between 10 minutes and 24 hours.
