t2dvb (t2dvb) asked a question.
Extend SAML login period
Our organization is using OKTA as SSO provider for github. It works good in general with the 1 small exception. I have manually click to re-authenticate daily which is pretty annoying. I don't even need to re-authenticate in OKTA since my session is actively. I just basically click on a link, being redirected multiple times and then I get access to repos/PRs that belongs to my organization. I think it's a very bad UX and I'd like to extend lifetime of token that github is using. Is it something that we can configure in OKTA? Are there any better ways to integrate with OKTA with github?
Hi Raman, Did you try setting the "Session Expieres After" attribute ?
Refer to the below for details:
https://help.okta.com/en/prod/Content/Topics/Security/healthinsight/session-lifetime.htm
Hi Priti, as far as I cam see we haven't set anything explicitly and it seems like 24 hours is a default:
"You must periodically authenticate with your SAML IdP to authenticate and gain access to the organization's resources on GitHub.com. The duration of this login period is specified by your IdP and is generally 24 hours."
https://docs.github.com/en/github/authenticating-to-github/about-authentication-with-saml-single-sign-on
That sounds like the service provider (Github) requesting an authentication request. Okta wouldnt initiated another authentication request unless redirected by the site.