Sessions
idaas.nl
stores session information on a per authentication module basis.
For each authentication modules you can configure the session details individually. For some modules - such as password - you might want to remember the users session, while on other modules - such as Facebook - you might choose not to remember session information.
Upon logout, all session information is destroyed.
Sessions
Sessions are stored per authentication module.
Go to Authentication and select one of the authentication modules. Consider remember my device
or remember my login
.
Tokens
Related to sessions are access tokens. When using OAuth 2.0 or OpenID Connect an access token is issued with a certain lifetime.
While all access tokens issued by idaas.nl
are JSON Web Tokens (JWT), they can nevertheless be revoked. When a client calls the OAuth 2.0 introspection endpoint, the state of the token is returned.
Subjects
At the end of succesful passing the presented list of authentication modules, a Subject
entity is created in idaas.nl. This one is unique for every log in action. A Subject is related to a User stored in idaas.nl or to a federated identity.