Make the Treeherder Auth0 session window be greater than 24 hours
Categories
(Tree Management :: Treeherder, enhancement, P3)
Tracking
(Not tracked)
People
(Reporter: emorley, Unassigned)
References
Details
(Whiteboard: [iam-RFE])
Comment 1•7 years ago
|
||
Comment 2•7 years ago
|
||
Comment 3•7 years ago
|
||
Comment 4•7 years ago
|
||
Comment 5•7 years ago
|
||
Comment 6•7 years ago
|
||
Comment 7•7 years ago
|
||
Comment 8•7 years ago
|
||
Reporter | ||
Comment 9•7 years ago
|
||
Comment 10•7 years ago
|
||
Reporter | ||
Comment 11•7 years ago
|
||
Via #servicedesk this morning:
10:22 AM <evilpie> is it normal that I have to login into Auto0 basically every day?
10:31 AM <burningchrome> evilpie: is this for all services, or specific ones?
10:32 AM <evilpie> burningchrome: I think I actually just use lando
10:34 AM <burningchrome> ok, I don't have details on the settings for lando but I've looped in the rest of the service desk team so someone should have answers for you soon
10:35 AM <evilpie> burningchrome: thank you
10:39 AM <burningchrome> evilpie: sounds like the EIS team are more likely to have answers
10:42 AM <lucius> evilpie: as far as I know, we (EIS) don't own lando. Do other folks on your team who use lando have a similar experience?
10:42 AM <evilpie> I don't know, I will ask around
10:44 AM <lucius> I'm told that smacleod might be a good person to talk to if your team says that your experience isn't normal
10:44 AM <lucius> although I think ckolos runs the service
10:47 AM <evilpie> thanks for your help, it's really not a big deal
10:47 AM <lucius> Eh, it sounds annoying :)
10:50 AM <kwierso> evilpie: fwiw, the same thing happens for auth0 via treeherder. If I don't have authenticated activity in treeherder within 24 hours, it usually signs me out.
10:50 AM <evilpie> kwierso: oh that sounds right on the mark
10:50 AM <kwierso> I think it just has a really short session time
10:51 AM <kwierso> can't really fault it for that since it gives access to so many things
10:56 AM <lucius> We dug around a little on our end, and it looks like this is expected, but session times could be extended on the Auth0 side for this application. Service owners just need to submit a request here: https://mozilla.service-now.com/sp?id=sc_cat_item&sys_id=1e9746c20f76aa0087591d2be1050ecb and we could technically make the session expiration up to 7 days (which
10:56 AM <lucius> is the max time we allow session tokens in any auth0 connected system to exist as far as I know)
Maybe we can revisit this?
Reporter | ||
Comment 13•6 years ago
|
||
I think it was the security team's guidelines that set the 24 hours limit perhaps then. Have those guidelines changed?
Comment 14•6 years ago
|
||
Anyone who really wants to take this and run with it is welcome to pick it up, however, it is not a P1 for the Treeherder team.
Updated•3 years ago
|
Description
•