Question

1
Replies
173
Views
Close popover
Yasser Danish (DANISHY1)
Cognizant Technology Solutions
Technology Architect
Cognizant Technology Solutions
GB
DANISHY1 Member since 2008 12 posts
Cognizant Technology Solutions
Posted: August 16, 2019
Last activity: September 2, 2019
Closed
Solved

Shortlived requestor session timing out before OTP expires

Hi,

We are trying to implement 2 factor authentication for password resets in Pega 7.4. There is a network delay of approx 2-3 mins before the OTP reaches the inbox. When the users are entering this OTP to reset the password an error message is displayed. We found a known issue in support article SA-48652

https://community.pega.com/support/support-articles/unauthenticated-requestor-timeout-prevents-mfa

This article explains the issue in detail and recommends increasing timeout/requestor/shortlived in prconfig.xml. The questions is can this change be done through DSS? Pega has moved away from using prconfig.xml file so why is it required here? If it is possible to create a DSS where can I get the details of the owning ruleset, purpose and value.

Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.