Since version 4.7.0 the Duende version implements Server-Side sessions.
Server-Side sessions must be enabled by settings IdentityServerOptions:EnableServerSideSession
"IdentityServerOptions": {
"EnableServerSideSession": true,
"ServerSideSessions": {
"UserDisplayNameClaimType": "name",
"RemoveExpiredSessions": true,
"ExpiredSessionsTriggerBackchannelLogout": true,
"RemoveExpiredSessionsFrequency": "00:10:00",
"RemoveExpiredSessionsBatchSize": 100
},
"Authentication": {
"CoordinateClientLifetimesWithUserSession": false
}IdentityServerOptions:ServerSideSessions configures server-side sessions behavior.
See Server-side Sessions options.
The coordinate lifetime with user session check box in client page token section has been added to manage session inactivity
Sess Inactivity Timeout
Users can manage theirs sessions on /Identity/Account/Manage/Sessions page.
Administrators can manage users sessions on the user admin page.
