Session expires once a day with Authentik

Question

Session expires once a day with Authentik

Baspar opened this issue 3 months ago · 1 comments

Session expires once a day with Authentik

Hey,
I am currently using timshel/vaultwarden:latest with my setup to interact with Authentik for authentication.
Everything looks fine in the logs, and it shows a correct authentication flow with valid refresh token:

2024-06-20T08:48:03.293723007Z [2024-06-20 08:48:03.293][vaultwarden::sso][DEBUG] Access token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImU4NDJmNDBlMmM2YmU0N2NlMzY5
OGYxZmRkZWMxMWFjIiwidHlwIjoiSldUIn0.REDACTED.REDACTED
2024-06-20T08:48:03.294463268Z [2024-06-20 08:48:03.293][vaultwarden::sso][DEBUG] Refresh token: Some("REDACTED")
2024-06-20T08:48:03.298363698Z [2024-06-20 08:48:03.294][vaultwarden::sso][DEBUG] Expiration time: Some(3600s)
2024-06-20T08:48:03.336869932Z [2024-06-20 08:48:03.336][vaultwarden::sso][DEBUG] Non jwt refresh_token (expiration set to 1721465283)

But after ~24hr, I get the your session expired/timed out" message.

the offline_access claim is correctly set on Authentik.

Any idea what could be the issue ?

Answer 1 · 2024-07-06T10:43:47.000Z

Hey,

From the logs the expiration should be longer (1721465283), do you have any logs from the server side when the session expires ?