finding initial time of an idp session?

Jim Fox fox at
Fri Mar 20 20:03:44 EDT 2020

For compromised accounts we have a disuser..reuser mechanism that disables 
a user's login until they have reset their password (and other stuff).
After they get reusered we want them to be able to log in as normal, but still 
deny access for any earlier created sessions.  Since our sessions are carried 
in cookies it seems like I need to determine the time a password session was created. 
(This would be in the mfa script.)

Would that info be available through the AuthenticationContext -> getActiveResults()?

Somewhere else?



More information about the users mailing list