Question

1
Replies
96
Views
DANISHY1 Member since 2008 12 posts
Cognizant Technology Solutions
Posted: 1 year ago
Last activity: 1 year 2 months ago
Closed
Solved

Shortlived requestor session timing out before OTP expires

Hi,

We are trying to implement 2 factor authentication for password resets in Pega 7.4. There is a network delay of approx 2-3 mins before the OTP reaches the inbox. When the users are entering this OTP to reset the password an error message is displayed. We found a known issue in support article SA-48652

https://community.pega.com/support/support-articles/unauthenticated-requestor-timeout-prevents-mfa

This article explains the issue in detail and recommends increasing timeout/requestor/shortlived in prconfig.xml. The questions is can this change be done through DSS? Pega has moved away from using prconfig.xml file so why is it required here? If it is possible to create a DSS where can I get the details of the owning ruleset, purpose and value.

Security
Moderation Team has archived post
Share this page LinkedIn