KEYCLOAK-4627 Documentation for action token timeouts

This commit is contained in:
Hynek Mlnarik 2017-05-17 16:20:44 +02:00
parent b6f333af44
commit 8952d7f152
2 changed files with 8 additions and 1 deletions

View file

@ -42,4 +42,10 @@ Let's walk through each of the items on this page.
|Login action timeout
|Maximum time a user can spend on any one page in the authentication process.
|User-Initiated Action Lifespan
|Maximum time before an action permit sent by a user (e.g. forgot password e-mail) is expired. This value is recommended to be short because it is expected that the user would react to self-created action quickly.
|Default Admin-Initiated Action Lifespan
|Maximum time before an action permit sent to a user by an admin is expired. This value is recommended to be long to allow admins send e-mails for users that are currently offline. The default timeout can be overridden right before issuing the token.
|===

View file

@ -14,7 +14,8 @@ If the `Temporary` switch is on, this new password can only be used once and the
logged in.
Alternatively, if you have <<fake/../../realms/email.adoc#_email, email>> set up, you can send an email to the user that asks
them to reset their password. Choose `Update Password` from the `Reset Actions` list box and click `Send Email`.
them to reset their password. Choose `Update Password` from the `Reset Actions` list box and click `Send Email`. You can optionally
set the validity of the e-mail link which defaults to the one preset in `Tokens` tab in the realm settings.
The sent email contains a link that will bring the user to the update password screen.
==== Changing OTPs