When you configure your tenant, set the following items:

Tenants tagged as Production are granted higher rate limits than tenants tagged as Development or Staging. On non-Enterprise plans, only one tenant per subscription can be tagged as Production. To learn more, read Set Up Multiple Environments.

If a user encounters an issue while logging in, they'll want to reach out for help. Set these values to direct them to an email address or landing page to get assistance.

Configure a custom error page. If possible, you should host your own custom error page and configure Auth0 to use it instead of the default page. This allows you to provide more complete and customized explanations to users about what to do in the event of an error.

If you are on a paid plan, you can configure a custom domain for your Auth0 tenant. A custom domain unifies the login experience with your brand and provides additional benefits.

Set the Single Sign-On (SSO) session timeout. The SSO session timeout value specifies the time until a user's session expires. The value is 7 days by default, which is the length of time users can access your Auth0-integrated applications without re-entering their credentials.

Configure additional Auth0 Dashboard users and enable multi-factor authentication (MFA). To learn more, read Manage Dashboard Access and Manage Dashboard Access with Multi-Factor Authentication.

Disable the Enable Application Connections setting. If this setting is enabled, all configured connections will be automatically enabled for any new application you create. As a result, users may be able to log in to the application through connections that you did not intend to be available. Disable this setting so you can explicitly enable the connections appropriate for each application.

Enable Attack Protection. Protect your users against brute force attacks and breached passwords.

On the Signing Keys tab, you can securely manage the signing key and certificate used to sign ID tokens, access tokens, SAML assertions, and WS-Fed assertions that are sent to your applications.

Rotation Settings: Settings that allow you to rotate the application signing key and certificate. You can choose whether or not to revoke the signing key upon rotation.

Rotate Signing Key: Rotates the signing key without revoking it; effectively, moves the current key to the previous key. All tokens signed with the previous key will still be valid until it is revoked.

Rotate & Revoke Signing Key: Rotates the signing key and then revokes it; effectively, moves the current key to the previous key, and then invalidates the previous key. Make sure you have updated your application with the next key in the queue before you rotate and revoke the current key.

List of Valid Keys: List of valid application signing keys for your tenant, which are also available at the Metadata endpoint for your application.

Next in queue: Key that will be used when the signing key is next rotated.

Currently used: Key that is currently in use.

Previously used: Key that was previously used. Its appearance indicates that the signing key has been rotated, but the previously-used key has not yet been revoked.

List of Revoked Keys: List of the last three revoked keys for your tenant. More data about revoked keys is available in tenant logs.

The Login Session Management settings configure the login session lifetime that represents the Auth0 Authorization Server session layer. The authorization server session layer drives single sign-on (SSO). Timeouts for tokens issued by Auth0 can be configured elsewhere.