Prabagaran Sellamuthu

Reputation: 245

How to Implement User Inactivity Timeout with Okta and OIDC in a Spring Boot Application?

I have a Spring Boot app with a few API endpoints exposed.

I’m integrating an OIDC sign-in flow with Okta in my Spring Boot single-page web app. I want to implement user session timeout for inactivity in my application, and also ensure that if a user logs out of Okta or loses access to the app via Okta, they are automatically logged out of my web app.

  1. Inactivity session timeout: Users should be logged out automatically if they are inactive for a certain period.
  2. Session synchronization with Okta: If users log out of Okta or lose access to the application in Okta, they should also be logged out of my web app.
  3. Backchannel logout: It seems that OIDC backchannel logout could be the solution for synchronizing the Okta session with my app’s session. Does Okta support OIDC backchannel logout, and how can I implement this in my Spring Boot app?

Upvotes: 0

Answers (0)
