Set authentication timeout
The legacy authentication method in REST API requires you to manually create an authentication session and then obtain an access token. By default, the session lifetime is 10 minutes and the token lifetime is 30 minutes, but you can change these values.
Out of the box, only Adaxes service administrators have the rights to configure REST API. Other users can be granted such rights using a security role with the Write all properties permission assigned over Configuration objects.
Change settings
These configuration settings apply only to legacy authentication. The lifetime of access tokens created using the New-AdmAccountToken cmdlet in Adaxes 2026.1 and newer is defined during creation.
Session lifetime
To change the authentication session lifetime, execute the following script and restart IIS on the computer where REST API component is installed.
In the script:
- $serviceHost – the host name of the computer where the Adaxes service is installed.
- $lifetimeMin – the authentication session lifetime in minutes.
- Adaxes 2023 and newer
-
Import-Module Adaxes $serviceHost = "localhost" $lifetimeMin = 5 # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName, ` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi # Set session lifetime. $sessionLifeTime = ConvertTo-Json -Depth 4 @{ "advancedParameters"= @( @{ "name" = "Security.SignInSessionLifeTime"; "values" = @($lifetimeMin) } ) } # Save settings. $restApi.FromJson($null, $sessionLifeTime) - Adaxes 2021.1
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $serviceHost = "localhost" $lifetimeMin = 5 # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName,` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi # Set session lifetime. $parameters = $restApi.AdvancedParameters $sessionLifeTime = $parameters.GetParameter("Security.SignInSessionLifeTime") $sessionLifeTime.Value = $lifetimeMin $parameters.SetParameter($sessionLifeTime) # Save settings. $restApi.AdvancedParameters = $parameters $restApi.SetInfo()
After executing the script, restart IIS on the computer where REST API component is installed.
Token lifetime
To change the security token lifetime, execute the following script and restart IIS on the computer where REST API component is installed.
In the script:
- $serviceHost – the host name of the computer where the Adaxes service is installed.
- $lifetimeMin – the security token lifetime in minutes.
- Adaxes 2023 and newer
-
Import-Module Adaxes $serviceHost = "localhost" $lifetimeMin = 60 # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName, ` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi # Set token lifetime. $tokenLifeTime = ConvertTo-Json -Depth 4 @{ "advancedParameters"= @( @{ "name" = "Security.AuthTicketLifeTime"; "values" = @($lifetimeMin) } ) } # Save settings. $restApi.FromJson($null, $tokenLifeTime) - Adaxes 2021.1
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $serviceHost = "localhost" $lifetimeMin = 60 # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName,` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi # Set token lifetime. $parameters = $restApi.AdvancedParameters $tokenLifeTime = $parameters.GetParameter("Security.AuthTicketLifeTime") $tokenLifeTime.Value = $lifetimeMin $parameters.SetParameter($tokenLifeTime) # Save settings. $restApi.AdvancedParameters = $parameters $restApi.SetInfo()
After executing the script, restart IIS on the computer where REST API component is installed.
View current settings
Execute the following script. In the script:
- $serviceHost – the host name of the computer where the Adaxes service is installed.
- Adaxes 2023 and newer
-
Import-Module Adaxes $serviceHost = "localhost" # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName, ` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi $config = $restApi.ToJson('{elements: ["AdvancedParameters"]}') | ConvertFrom-Json # Session lifetime $sessionLifeTime = $config.advancedParameters | where name -eq Security.SignInSessionLifeTime if (-not $sessionLifeTime.values) { $sessionLifeTime | Add-Member @{"values" = 10} # default } Write-Host "Session lifetime: $($sessionLifeTime.values) min" # Token lifetime $tokenLifeTime = $config.advancedParameters | where name -eq Security.AuthTicketLifeTime if (-not $tokenLifeTime.values) { $tokenLifeTime | Add-Member @{"values" = 30} # default } Write-Host "Security token lifetime: $($tokenLifeTime.values) min" - Adaxes 2021.1
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $serviceHost = "localhost" # Connect to the Adaxes service. $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly($serviceHost) # Prompt for credentials. $credential = Get-Credential # Bind to the REST API configuration container. $containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer") $container = $service.OpenObject($containerPath, $credential.UserName,` $credential.GetNetworkCredential().Password, 0) $restApi = $container.RestApi # Session lifetime $parameters = $restApi.AdvancedParameters $sessionLifeTime = $parameters.GetParameter("Security.SignInSessionLifeTime") if (-not $sessionLifeTime.Value) { $sessionLifeTime.Value = 10 # default } Write-Host "Session lifetime: $($sessionLifeTime.Value) min" # Token lifetime $tokenLifeTime = $parameters.GetParameter("Security.AuthTicketLifeTime") if (-not $tokenLifeTime.Value) { $tokenLifeTime.Value = 30 # default } Write-Host "Security token lifetime: $($tokenLifeTime.Value) min"