Navigation

    FusionAuth
    • Login
    • Search
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    1. Home
    2. Tags
    3. sessions
    Log in to post
    • All categories
    • dan

      UNSOLVED Sessions per application
      Q&A • registrations sessions • • dan

      2
      0
      Votes
      2
      Posts
      95
      Views

      dan

      Yes. A user can have one-to-many refresh tokens per application.

    • dan

      Can you store JWTs in session cookies
      Q&A • jwt sessions cookies • • dan

      2
      0
      Votes
      2
      Posts
      92
      Views

      dan

      Yes. You can use the Authorization Code grant with cookies. Here is a workflow diagram of this: https://fusionauth.io/learn/expert-advice/authentication/webapp/oauth-authorization-code-grant-jwts-refresh-tokens-cookies/

    • dan

      Limiting sessions to one IP address
      Q&A • sessions ip address limits • • dan

      2
      0
      Votes
      2
      Posts
      69
      Views

      dan

      No, this isn't currently possible.

      I think that would fall into the threat detection bucket of features we are planning. Feel free to add any notes, comments or suggestions here: https://github.com/FusionAuth/fusionauth-issues/issues/905

    • N

      Trouble getting the user object post login
      Q&A • login python sessions user • • nishant

      16
      0
      Votes
      16
      Posts
      485
      Views

      A

      @dan Thank you for your support. Fixing the signature just saved me another couple of hours (also coming from https://fusionauth.io/blog/2020/07/14/django-and-oauth/) ^^

    • dan

      Can I configure the inactivity timeout of the FusionAuth Session cookie?
      Q&A • from-slack cookies sessions inactivity faq • • dan

      8
      2
      Votes
      8
      Posts
      7306
      Views

      dan

      @chakshu

      Sorry, I pointed you to the incorrect setting.

      You can go to Applications > FusionAuth > Edit > JWT > Refresh Token duration

      Changing that to 1 (the value is in minutes) caused me to be signed out of the admin application after 60 seconds.

      Hope that helps.