Configuration

config (object)

absolute_timeout (number)

The session cookie absolute timeout, in seconds. Specifies how long the session can be used until it is no longer valid.

Default: 86400

audience (string)

The session audience, which is the intended target application. For example "my-application".

Default: default

hash_subject (boolean)

Whether to hash the subject when store_metadata is enabled.

Default: false

idling_timeout (number)

The session cookie idle time, in seconds.

Default: 900

logout_methods (array[string])

A set of HTTP methods that the plugin will respond to.

Allowed values: DELETE, GET, POST

Default: DELETE, POST

logout_post_arg (string)

The POST argument passed to logout requests. Do not change this property.

Default: session_logout

logout_query_arg (string)

The query argument passed to logout requests.

Default: session_logout

read_body_for_logout (boolean)

Default: false

remember (boolean)

Enables or disables persistent sessions.

Default: false

remember_absolute_timeout (number)

The persistent session absolute timeout limit, in seconds.

Default: 2592000

remember_rolling_timeout (number)

The persistent session rolling timeout window, in seconds.

Default: 604800

request_headers (array[string])

List of information to include, as headers, in the response to the downstream.

Allowed values: absolute-timeout, audience, id, idling-timeout, rolling-timeout, subject, timeout

response_headers (array[string])

List of information to include, as headers, in the response to the downstream.

Allowed values: absolute-timeout, audience, id, idling-timeout, rolling-timeout, subject, timeout

rolling_timeout (number)

The session cookie rolling timeout, in seconds. Specifies how long the session can be used until it needs to be renewed.

Default: 3600

secret (string)

The secret that is used in keyed HMAC generation.
This field is encrypted.
This field is referenceable.

Default: M5N0CyFrAZwpB7F72PpY3J4S5n3KL77fs6xMuY8b7SMc

stale_ttl (number)

The duration, in seconds, after which an old cookie is discarded, starting from the moment when the session becomes outdated and is replaced by a new one.

Default: 10

storage (string)

Determines where the session data is stored.
kong: Stores encrypted session data into Kong’s current database strategy; the cookie will not contain any session data.
cookie: Stores encrypted session data within the cookie itself.

Allowed values: cookie, kong

Default: cookie

store_metadata (boolean)

Whether to also store metadata of sessions, such as collecting data of sessions for a specific audience belonging to a specific subject.

Default: false

protocols (array[string])

A string representing a protocol, such as HTTP or HTTPS.

Allowed values: grpc, grpcs, http, https, tcp, tls, tls_passthrough, udp, ws, wss

Default: grpc, grpcs, http, https

route (object)

If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.

* Additional properties are NOT allowed.
id (string)

service (object)

If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.

* Additional properties are NOT allowed.
id (string)
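
A pre-deployment check built from the types and allowed values listed for the config object above, as an added example that is not part of the original reference and is not Kong's own schema validator. The function name lint_session_config and the sample config are assumptions made for illustration.

```python
# Added example (not Kong's validator): lint a session plugin `config`
# object against the types and allowed values listed in this reference.
HEADER_INFO = ("absolute-timeout", "audience", "id", "idling-timeout",
               "rolling-timeout", "subject", "timeout")
ARRAY_ALLOWED = {
    "logout_methods": ("DELETE", "GET", "POST"),
    "request_headers": HEADER_INFO,
    "response_headers": HEADER_INFO,
}
STORAGE_ALLOWED = ("cookie", "kong")
NUMBERS = ("absolute_timeout", "idling_timeout", "rolling_timeout",
           "remember_absolute_timeout", "remember_rolling_timeout", "stale_ttl")
BOOLEANS = ("hash_subject", "read_body_for_logout", "remember", "store_metadata")


def lint_session_config(config):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    for field, allowed in ARRAY_ALLOWED.items():
        value = config.get(field, [])
        if not isinstance(value, list):
            findings.append(f"{field}: expected an array of strings")
            continue
        for item in value:
            if item not in allowed:
                findings.append(f"{field}: {item!r} is not an allowed value")
    if config.get("storage", "cookie") not in STORAGE_ALLOWED:
        findings.append(f"storage: {config['storage']!r} is not an allowed value")
    for field in NUMBERS:
        value = config.get(field, 0)
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            findings.append(f"{field}: expected a number")
    for field in BOOLEANS:
        if not isinstance(config.get(field, False), bool):
            findings.append(f"{field}: expected a boolean")
    # The reference says not to change logout_post_arg from its default.
    if config.get("logout_post_arg", "session_logout") != "session_logout":
        findings.append("logout_post_arg: changed from the default session_logout")
    # hash_subject is described as applying when store_metadata is enabled.
    if config.get("hash_subject") is True and config.get("store_metadata") is not True:
        findings.append("hash_subject: set without store_metadata enabled")
    return findings


# Constructed sample config, for illustration only.
SAMPLE = {"storage": "redis", "logout_methods": ["POST", "PUT"],
          "idling_timeout": "900", "logout_post_arg": "logout",
          "hash_subject": True}
```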
