We are using two authentication modules in our Angular based web portal, “Active Directory user account” and “OAuth 2.0/OpenID Connect” with EntraID (Azure AD) and are having some troubles with short session lifetime when using the OpenID module. We have set the configuration for “Persistent authentication token lifetime” (ServerLevelConfig/AuthTokensLifetimeMinutes) to 600 minutes in the Admin portal, and this is honored by the Active Directory module but not OAuth/OpenID.
Our Oauth/OpenID configuration are created using the wizard and logins works fine. Scope is set to “openid profile offline_access” and corrsponding permissions are set in the Azure App registration. Anything else we should configure to increase the token lifetime?
I’m not sure if it is relevant, but our configuration consists of ApiServers, AppServers and load balancers in the following manner:
WebBrowser -> Load Balancer A -> 3x ApiServers -> Load Balancer B -> 2x AppServers -> Database
Load Balancer A is configured with persistence on cookie imx_sessiongroup and Load Balancer B is configured with persistence on cookie ss-id
We are running Identity Manager 9.1.1 with the angular/HTML5 web portal