RE: SSO Session expiration time

Hi @dan,

Thank you for your answer.

FusionAuth version is 1.23.3.
This is my configuration:

• Default tenant:
  • Session timeout: 31536000s
  • JWT duration: 3600s
  • Refresh Token duration: 43200min
  • FusionAuth app:
    • JWT duration: 60s
    • Refresh Token duration: 60min
• MyTenant:
  • Session timeout: 31536000s
  • JWT duration: 60s
  • Refresh Token duration: 43200min
  • App1:
    • No specific JWT configuration
  • App2:
    • No Specific JWT configuration
  • App3:
    • JWT Duration: 3600s
    • Refresh Token duration: 525600min

Can you explain to me what all does affect the SSO session duration?
I thought I just need to set Session timeout of the "MyTenant" tenant and that will keep my SSO session for applications from that tenant until "Single sign-on" refresh token expires (and, of course, if I renew "App specific refresh token"). As I can see, Session timeout defines expiration time of the "Single sign-on" refresh token (User > Sessions) but looks like in my case "Single sign-on" refresh token is deleted after 1h (but its expiration time is 365days). So...

• I login to App1 ==> App1 refresh token is created and "Single sign-on" refresh token is created
• I go to App2 (I'm already logged in) ==> App2 refresh token is created
• After ~1h, "Single sign-on" refresh token is deleted, App1 and App2 refresh tokens are still there and I can use them to fetch new access tokens until until they expire

Hi,

I've started using FusionAuth for handling SSO in my application but looks like my SSO session is dropped after some short time ~1h, but Session timeout for the tenant is set to 10 days and Refresh Token duration is set to 30 days.
When I login to one of the applications from "MyTenant" I can see refresh token for the "MyApplication" application and one additional refresh token for application "Single sign-on". After ~1h of browser inactivity, this token disappears.

Any idea what am I missing here?

Thank you!