From 9df49e7adedcccfc86e9d05f7c319e5f2e53537c Mon Sep 17 00:00:00 2001 From: James Rodewig <40268737+jrodewig@users.noreply.github.com> Date: Fri, 5 Feb 2021 13:55:22 -0500 Subject: [PATCH] [DOCS] Fix Kibana timeout settings refs (#68594) (#68598) Co-authored-by: Larry Gregory --- .../en/security/authentication/oidc-guide.asciidoc | 10 +++++++--- .../en/security/authentication/saml-guide.asciidoc | 10 +++++++--- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/x-pack/docs/en/security/authentication/oidc-guide.asciidoc b/x-pack/docs/en/security/authentication/oidc-guide.asciidoc index 2f6e86b76c2b9..de475d485f2ee 100644 --- a/x-pack/docs/en/security/authentication/oidc-guide.asciidoc +++ b/x-pack/docs/en/security/authentication/oidc-guide.asciidoc @@ -516,9 +516,13 @@ interface, you must configure {kib} to use a `https` URL to connect to {es}, and you may need to configure `elasticsearch.ssl.certificateAuthorities` to trust the certificates that {es} has been configured to use. -OpenID Connect authentication in {kib} is also subject to the -`xpack.security.sessionTimeout` setting that is described in the {kib} security -documentation, and you may wish to adjust this timeout to meet your local needs. +OpenID Connect authentication in {kib} is subject to the following timeout settings in +`kibana.yml`: + +- {kibana-ref}/xpack-security-session-management.html#session-idle-timeout[`xpack.security.session.idleTimeout`] +- {kibana-ref}/xpack-security-session-management.html#session-lifespan[`xpack.security.session.lifespan`] + +You may want to adjust these timeouts based on your security requirements. The three additional settings that are required for OpenID Connect support are shown below: diff --git a/x-pack/docs/en/security/authentication/saml-guide.asciidoc b/x-pack/docs/en/security/authentication/saml-guide.asciidoc index 9a9bba23c895e..e8640762dd61a 100644 --- a/x-pack/docs/en/security/authentication/saml-guide.asciidoc +++ b/x-pack/docs/en/security/authentication/saml-guide.asciidoc @@ -744,9 +744,13 @@ interface, you must configure {kib} to use a `https` URL to connect to {es}, and you may need to configure `elasticsearch.ssl.certificateAuthorities` to trust the certificates that {es} has been configured to use. -SAML authentication in {kib} is also subject to the -`xpack.security.sessionTimeout` setting that is described in the {kib} security -documentation, and you may wish to adjust this timeout to meet your local needs. +SAML authentication in {kib} is subject to the following timeout settings in +`kibana.yml`: + +- {kibana-ref}/xpack-security-session-management.html#session-idle-timeout[`xpack.security.session.idleTimeout`] +- {kibana-ref}/xpack-security-session-management.html#session-lifespan[`xpack.security.session.lifespan`] + +You may want to adjust these timeouts based on your security requirements. The three additional settings that are required for SAML support are shown below: