You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Setting max_age parameter with 0 value in a authorization request doesn't allow user to log in at all. After postlogin call user is redirected back to login page.
In addition we can introduce disableAuthnForMaxAgeZero with default value false. If true - authn will be disabled.
max_age
OPTIONAL. Maximum Authentication Age. Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP. If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User. (The max_age request parameter corresponds to the OpenID 2.0 PAPE [OpenID.PAPE] max_auth_age request parameter.) When max_age is used, the ID Token returned MUST include an auth_time Claim Value.
Expected behavior
Setting max_age parameter with 0 value in a authorization request enables the user to log in.
Actual behavior
Setting max_age parameter with 0 value in a authorization request doesn't allow user to log in at all. After postlogin call user is redirected back to login page.
Support: 10742
The text was updated successfully, but these errors were encountered:
Describe the issue
Setting max_age parameter with 0 value in a authorization request doesn't allow user to log in at all. After postlogin call user is redirected back to login page.
In addition we can introduce
disableAuthnForMaxAgeZero
with default valuefalse
. Iftrue
- authn will be disabled.Expected behavior
Setting max_age parameter with 0 value in a authorization request enables the user to log in.
Actual behavior
Setting max_age parameter with 0 value in a authorization request doesn't allow user to log in at all. After postlogin call user is redirected back to login page.
Support: 10742
The text was updated successfully, but these errors were encountered: