OpenACS

Use the external identity provider for refresh of logins. When a user

is logged in via an external identity provider, use the same identity

provider for a refresh when it expires. The expiration time is

controlled via the classical OpenACS parameters.

Note that in general, the same user might be authenticated via a

classical OpenACS authority (e.g. local authority) and/or via an

external one (e.g. Microsoft Identity Platform (Azure) or GitHub).

For single-sign-ons, when the token is still valid, the redirect to

the external identity provider does not mean necessarily that the use

is shown the external identity provider's login page.

Show less