Non breaking change.
What is changing?
It’s now possible to set a custom session timeout by providing an integer value in seconds to the
session_timeout field, when calling the Authenticate User or Authenticate Transaction supported endpoints.
session_timeout can be configured per session or per Service by calling the Admin API Update Service Information endpoint. In this the configured value will be applied by default to every authentication or transaction signing session of the specific Service.
session_timeout supports any numeric integer value between 30 and 120 seconds, with a default value of 60 seconds.
The status of a session that is timing out will be updated to
timeout_retry (Authentication Status), and the session can no longer be approved.
Is this feature relevant for my Futurae API integration?
This change gives the possibility of setting a specific session timeout of minimum 30 up to 120 seconds per session or Service, which enables greater flexibility with regards to a customer's authentication requirements.
Does this change have any impact on my Futurae API integration?
Please note that the deprecated Query Authentication Status endpoint cannot be used to query the status of sessions with a custom timeout (timeout different than 60 seconds), therefore the
session_timeout value should not be customized when using this deprecated endpoint. Utilizing the endpoint Query Authentication Status (new) will enable your backend system to query the status of sessions with adjusted timeout durations other than 60, as such it is advised to implement this newer endpoint version.