Set authentication timeout

You can change the lifetime of REST API authentication sessions and security tokens. By default, the session lifetime is 10 minutes and the token lifetime is 30 minutes.

Out of the box, only Adaxes service administrators have the rights to configure REST API. Other users can be granted such rights using a security role with the Write all properties permission assigned over Configuration objects.

Change settings

 Session lifetime

To change the authentication session lifetime, execute the following script and restart IIS on the computer where REST API component is installed.

In the script:

  • $serviceHost – the host name of the computer where the Adaxes service is installed.
  • $lifetimeMin – the authentication session lifetime in minutes.
Adaxes 2023 and newer
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost"
$lifetimeMin = 5

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName, `
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi

# Set session lifetime.
$sessionLifeTime =  ConvertTo-Json -Depth 4 @{
    "advancedParameters"= @(
        @{
            "name" = "Security.SignInSessionLifeTime";
            "values" = @($lifetimeMin)
        }
    )
}

# Save settings.
$restApi.FromJson("{elements: ['AdvancedParameters']}", $sessionLifeTime)
Adaxes 2021.1
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost" 
$lifetimeMin = 5 

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName,`
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi

# Set session lifetime.
$parameters = $restApi.AdvancedParameters
$sessionLifeTime = $parameters.GetParameter("Security.SignInSessionLifeTime")
$sessionLifeTime.Value = $lifetimeMin
$parameters.SetParameter($sessionLifeTime)

# Save settings.
$restApi.AdvancedParameters = $parameters
$restApi.SetInfo()

After executing the script, restart IIS on the computer where REST API component is installed.

 Token lifetime

To change the security token lifetime, execute the following script and restart IIS on the computer where REST API component is installed.

In the script:

  • $serviceHost – the host name of the computer where the Adaxes service is installed.
  • $lifetimeMin – the security token lifetime in minutes.
Adaxes 2023 and newer
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost"
$lifetimeMin = 60

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName, `
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi

# Set token lifetime.
$tokenLifeTime =  ConvertTo-Json -Depth 4 @{
    "advancedParameters"= @(
        @{
            "name" = "Security.AuthTicketLifeTime";
            "values" = @($lifetimeMin)
        }
    )
}

# Save settings.
$restApi.FromJson("{elements: ['AdvancedParameters']}", $tokenLifeTime)
Adaxes 2021.1
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost" 
$lifetimeMin = 60 

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName,`
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi

# Set token lifetime.
$parameters = $restApi.AdvancedParameters
$tokenLifeTime = $parameters.GetParameter("Security.AuthTicketLifeTime")
$tokenLifeTime.Value = $lifetimeMin
$parameters.SetParameter($tokenLifeTime)

# Save settings.
$restApi.AdvancedParameters = $parameters
$restApi.SetInfo()

After executing the script, restart IIS on the computer where REST API component is installed.

View current settings

Execute the following script. In the script:

  • $serviceHost – the host name of the computer where the Adaxes service is installed.
Adaxes 2023 and newer
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost"

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName, `
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi
$config = $restApi.ToJson("{elements: ['AdvancedParameters']}") | ConvertFrom-Json

# Session lifetime
$sessionLifeTime = $config.advancedParameters | Where name -eq Security.SignInSessionLifeTime
Write-Host "Session lifetime: $($sessionLifeTime.values) min"

# Token lifetime
$tokenLifeTime = $config.advancedParameters | Where name -eq Security.AuthTicketLifeTime
Write-Host "Security token lifetime: $($tokenLifeTime.values) min"
Adaxes 2021.1
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost" 

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Prompt for credentials.
$credential = Get-Credential

# Bind to the REST API configuration container.
$containerPath = $service.Backend.GetConfigurationContainerPath("ClientAppsContainer")
$container = $service.OpenObject($containerPath, $credential.UserName,`
    $credential.GetNetworkCredential().Password, 0)
$restApi = $container.RestApi

# Session lifetime
$parameters = $restApi.AdvancedParameters
$sessionLifeTime = $parameters.GetParameter("Security.SignInSessionLifeTime")
if (-not $sessionLifeTime.Value)
{
    $sessionLifeTime.Value = 10 # default
}
Write-Host "Session lifetime: $($sessionLifeTime.Value) min"

# Token lifetime
$tokenLifeTime = $parameters.GetParameter("Security.AuthTicketLifeTime")
if (-not $tokenLifeTime.Value)
{
    $tokenLifeTime.Value = 30 # default
}
Write-Host "Security token lifetime: $($tokenLifeTime.Value) min"