How To
Summary
How to achieve session timeout in OrderHub?
Steps
Set up the below mentioned properties to configure Order Hub session timeout.
yfs.api.security.token.enabled=Y
yfs.api.security.token.timeout=<time in milliseconds>
yfs.api.security.token.timeout=<time in milliseconds>
Below mentioned steps demonstrates the JWT token's functionality in Order Hub.
1) Order Hub calls login API. It returns a UserToken.
2) The user token is used in the JWT API call to get a JWT token.
3) The JWT token is used when calling OMS APIs.
4) The Order Hub UI automatically calls the JWT API to get a new JWT token before the existing JWT token expires.
5) If the user token has expired, the JWT API call will fail to get a new JWT token, and the user will be forced to login into Order Hub, upon which a new user token gets generated.
JWT timeout must be set to a value greater than the UserToken timeout (
The JWT timeout is 5 mins by default. Add the mentioned custom property in SMA to change the value.
api.security.token.timeout) for the OrderHub session timeout to function correctly. If the JWT timeout is not greater, the session will not expire as intended, preventing proper session timeout functionality in OrderHub.The JWT timeout is 5 mins by default. Add the mentioned custom property in SMA to change the value.
yfs.yfs.jwt.create.expiration=<time in minutes>
Related Information
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSGTJF","label":"IBM Sterling Order Management System"},"ARM Category":[{"code":"a8m0z000000cxzaAAA","label":"OrderHub"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
12 February 2026
UID
ibm17172391