Integer value, in seconds, for application absolute rolling duration.
The amount of time after the user has logged in that they will be logged out.
Set this to false
if you don't want an absolute duration on your session.
Defaults to 604800
seconds (7 days).
You can also use the AUTH0_SESSION_ABSOLUTE_DURATION
environment variable.
Optional
autoBoolean value to enable automatic session saving when using rolling sessions.
If this is false
, you must call touchSession(req, res)
to update the session.
Defaults to true
.
You can also use the AUTH0_SESSION_AUTO_SAVE
environment variable.
Optional
genA Function for generating a session id when using a custom session store.
IMPORTANT If you override this, you must use a suitable value from your platform to
prevent collisions. For example, for Node: require('crypto').randomBytes(16).toString('hex')
.
String value for the cookie name used for the internal session.
This value must only include letters, numbers, and underscores.
Defaults to appSession
.
You can also use the AUTH0_SESSION_NAME
environment variable.
If you want your session duration to be rolling, resetting everytime the
user is active on your site, set this to true
. If you want the session
duration to be absolute, where the user gets logged out a fixed time after login
regardless of activity, set this to false
.
Defaults to true
.
You can also use the AUTH0_SESSION_ROLLING
environment variable.
Integer value, in seconds, for application session rolling duration.
The amount of time for which the user must be idle for then to be logged out.
Should be false
when rolling is false
.
Defaults to 86400
seconds (1 day).
You can also use the AUTH0_SESSION_ROLLING_DURATION environment variable.
Optional
storeBy default, the session is stateless and stored in an encrypted cookie. But if you want a stateful session
you can provide a store with get
, set
and destroy
methods to store the session on the server.
Boolean value to store the ID token in the session. Storing it can make the session cookie too
large.
Defaults to true
.
Configuration parameters used for the application session.