Skip to content

config properties session

GitHub Action edited this page Jan 8, 2025 · 9 revisions

Version

v1.3.2

session Type

object (session)

session Properties

Property Type Required Nullable Defined by
audience array Optional cannot be null Config
cookie object Optional cannot be null Config
enable_auth_token_header boolean Optional cannot be null Config
issuer string Optional cannot be null Config
lifespan string Optional cannot be null Config
server_side object Required cannot be null Config

audience

audience is a list of strings that identifies the recipients that the JWT is intended for. The audiences are placed in the aud claim of the JWT. If not set, it defaults to the value of thewebauthn.relying_party.id configuration parameter.

audience

  • is optional

  • cannot be null

audience Type

string[]

cookie

cookie contains configuration for the session cookie issued on successful registration or login.

cookie

  • is optional

  • cannot be null

cookie Type

object (Details)

enable_auth_token_header

enable_auth_token_header determines whether a session token (JWT) is returned in an X-Auth-Token header after a successful authentication. This option should be set to true if API and client applications run on different domains.

enable_auth_token_header

  • is optional

  • cannot be null

enable_auth_token_header Type

boolean

issuer

issuer is a string that identifies the principal (human user, an organization, or a service) that issued the JWT. Its value is set in the iss claim of a JWT.

issuer

  • is optional

  • cannot be null

issuer Type

string

lifespan

lifespan determines the maximum duration for which a session token (JWT) is valid. It must be a (possibly signed) sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".

lifespan

  • is optional

  • cannot be null

lifespan Type

string

lifespan Default Value

The default value is:

"12h"

server_side

server_side contains configuration for server-side sessions.

server_side

  • is required

  • cannot be null

server_side Type

object (Details)

Clone this wiki locally