Zero Trust Access system properties

  • Release version: Washington DC
  • Updated February 1, 2024

Use system properties to enable and customize Zero Trust Access to meet your security requirements.

    Properties

    Zero Trust Access Properties

    Table 1. Zero Trust Access system properties
    | Property | Description |
    |---|---|
    | Enable Zero Trust Session Access | Option that enables administrators to use the Zero Trust Session Access feature. The default value is false. |
    | Enable debug logging for Zero Trust Session Access | Option to enable debug logging for Zero Trust Session Access. |
    | Preference to remove/limit roles in case of conflict. | When the same role appears in both the remove roles set and the limit roles set, this property decides which takes precedence. Options: Remove Roles or Limit Roles. |
    | The number of days after which session access audit data will be deleted. | The default value is 30 days and the maximum is 180 days. |
    | The number of seconds after which the refresh token will be revoked if the session access policy is using IDP attributes. | The value should be between the access token lifespan and the refresh token lifespan. The default value is 1800 seconds. |
    | Information to be displayed when some privileges have been removed from the session for a user. | Description that you want to display to your users regarding limiting or removal of privileges. Sample description: "Based on security policies defined by the administrator, some of your roles have been removed from this session. Please get in touch with your administrator for more information." |