View the latest documentation 5.5
For troubleshooting and frequently asked questions.
Authentication issue instant is too old or in the future
For security purposes, Lenses prevents authenticating SSO users that have remained logged in SSO for a very long time.
Example: You use Okta SSO and, you logged in to Okta a year ago. Okta might allow you to remain logged in along that year without having to re-authenticate. Lenses has a limit of 100 days. In that case, Lenses will receive an authenticated user that originally logged in before the 100 days mark.
100 days
Example:
lenses.security.saml.idp.session.lifetime.max = 365days
See all SSO options.
On this page