Where is WIF Security Token timeout coming from?

Question

One of the events on the SessionAuthenticationModule class is SessionSecurityTokenReceived. This allows us to look at the session token that we receive from AD FS. The SessionToken as two properties called ValidFrom and ValidTo. In the configuration we have right now, taking the difference between these two is 1 hour. I have looked through settings in AD FS, but I have been unable to find out how to change this value. Does anyone know where it is?

Answer 1

That comes from the SAML assertion validity time. If you are using ADFS you can change that value using PowerShell. It's not available through the UI

Add-PSSNapin Microsoft.Adfs.PowerShell
Set-RelyingPartyTrust -TargetName "your relying party name" -TokenLifetime 600

TokenLifetime is in minutes