Add experimental and preliminary policy-driven session limiting when logging in OAuth 2 sessions. (#5221)

2025-11-25 15:24:02 +00:00
parent 96b596fa0c c007695e04
commit 1d2f7fecf8
18 changed files with 309 additions and 23 deletions
--- a/docs/config.schema.json
+++ b/docs/config.schema.json
@@ -2830,6 +2830,17 @@
            "string",
            "null"
          ]
+        },
+        "session_limit": {
+          "description": "Experimental feature to limit the number of application sessions per\n user.\n\n Disabled by default.",
+          "anyOf": [
+            {
+              "$ref": "#/definitions/SessionLimitConfig"
+            },
+            {
+              "type": "null"
+            }
+          ]
        }
      }
    },
@@ -2863,6 +2874,26 @@
      "required": [
        "ttl"
      ]
+    },
+    "SessionLimitConfig": {
+      "description": "Configuration options for the session limit feature",
+      "type": "object",
+      "properties": {
+        "soft_limit": {
+          "type": "integer",
+          "format": "uint64",
+          "minimum": 1
+        },
+        "hard_limit": {
+          "type": "integer",
+          "format": "uint64",
+          "minimum": 1
+        }
+      },
+      "required": [
+        "soft_limit",
+        "hard_limit"
+      ]
    }
  }
 }