IMPORTANT: This version of Sitefinity CMS is out of support and the respective product documentation is no longer maintained and can be outdated. Use the version selector to view a supported product version.

Administration: Configure authentication expiration

Use this procedure to configure your Sitefinity CMS authentication expiration. That is, choose the expiration time of the authentication cookie issued as a proof for your successful authentication upon login to Sitefinity CMS.

There are two expiration dates that control when the authentication cookie expires:

The expiration date of the cookie itself.
This is a standard cookie property that by default defines the cookie as a session cookie. This means that the browser deletes the cookie once it is closed. If you set a specific value of the property, the browser checks it and send the cookie to the server only if it is not expired. Such cookies are referred to as persistent cookies.
The expiration date encrypted and stored in the cookie content. This is done because the cookie expiration date can’t be trusted as it can be modified by the client.

You configure both expiration dates by specifying a value for the AuthCookieTimeout property.

To specify the expiration timeout of the authentication cookies:

In Sitefinity CMS backend, navigate to Administration » Settings » Advanced.
Click Security and in the AuthCookieTimeout input field, set the expiration date in minutes, for example 600.
Save your changes.

Next: Administration: Configure the self-logout dialog recurrence

Was this article helpful?

Yes No

Administration: Configure authentication expiration

Was this article helpful?

Would you like to submit additional feedback?