FAQs
Authentication instances too old or in the future
The error that you see
What causes it
The user’s session in the SSO provider is too old.
The system clocks of the SSO provider and the Lenses instance are out of sync.
For security purposes, Lenses prevents authenticating SSO users that have remained logged in SSO for a very long time.
Example: You use Okta SSO and, you logged in to Okta a year ago. Okta might allow you to remain logged in along that year without having to re-authenticate. Lenses has a limit of 100 days
. In that case, Lenses will receive an authenticated user that originally logged in before the 100 days mark.
How to solve it
Ensure that the SSO and Lenses system clocks are in sync.
If the SSO provider supports very long sessions either:
Log out of the SSO and log back in. This explicitly renews the SSO session.
Increase the Lenses limit to more than
100 days
.
Example:
Last updated