Syntax
jwtSessionManager:
domain: <string>
expiresAfterSeconds: <number>
httpOnly: <boolean>
issuer: <string>
jwk: {}
sameSite: <string>
secure: <boolean>
sessionCookie: <boolean>
ttlExpiryRefreshOnAccess: <boolean>
verbose: <boolean>
jwtSessionManager:
domain: <string>
expiresAfterSeconds: <number>
httpOnly: <boolean>
issuer: <string>
jwk: {}
sameSite: <string>
secure: <boolean>
sessionCookie: <boolean>
ttlExpiryRefreshOnAccess: <boolean>
verbose: <boolean>
Attributes
| Name | Required | Default | Description | Examples |
|---|---|---|---|---|
| domain | false | - | - | - |
| expiresAfterSeconds | false | - | - | - |
| httpOnly | false | - | - | - |
| issuer | false | - | - | - |
| sameSite | false | - | - | - |
| secure | false | false | forces secure cookie attribute even when no ssl context is present (e.g. TLS termination in front of membrane) | - |
| sessionCookie | false | false | if true removes the expire part of a set cookie header and thus makes it a session cookie | - |
| ttlExpiryRefreshOnAccess | false | true | controls if the expiry refreshes to expiresAfterSeconds on access (true) or if it should not refresh (false) | - |
| verbose | false | - | - | - |
Child Structure
| Element | Cardinality | Description |
|---|---|---|
| jwk | 0..1 |