Skip to content

Changing the Maximum Session Duration below the default can break Active Directory SSO #9836

New issue
New issue
Open
Open
Changing the Maximum Session Duration below the default can break Active Directory SSO#9836
Labels
kind/bugThis issue represents a verified problem we are committed to solving
@donnybell

Description

@donnybell
donnybell
opened on Jan 16, 2026

Severity

No response

Version

Confirmed in 2025.4.10338

Latest Version

None

What happened?

Due to #9835, changing the Maximum Session Duration too low can result in being blocked from using AD SSO.

The tooltip in the Configuration section of Octopus could likely be improved to provide the user with a better understanding of what impact this setting can have.

Similar to: #7952

Reproduction

  1. Setup an Octopus instance with AD using --webServer=httpsys and NTLM
  2. Change the Maximum Session Duration to a small value such as 3600
  3. Attempt to log in via the Sign in with a Domain SSO button
  4. You should then get a 500 error instead of a 302 redirect

Error and Stacktrace



More Information


No response


Workaround


No response
Metadata
Metadata
Assignees
No one assigned
    Labels
    kind/bugThis issue represents a verified problem we are committed to solving
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions