AEM as a Cloud Service – Session Not Extending Despite refreshToken=true in Publishers | Community
Skip to main content
S
Sku4
Level 2
June 27, 2025

AEM as a Cloud Service – Session Not Extending Despite refreshToken=true in Publishers

  • June 27, 2025
  • 3 replies
  • 616 views

 

Hi all,

 

I’m using AEM’s out-of-the-box session extension feature configured through the OSGi service org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl, with refreshToken=true.

 

This works as expected in my local author and RDE publisher environments. When a user performs activity after half the session timeout, the session is extended. I’ve verified this by checking the rep:exp property under /home/users/<user>/.tokens/<tokenId>, which gets updated correctly.

 

However, in the AEM as a Cloud Service (Dev Publisher) environment, this behavior is not observed:

  • Sessions expire exactly at the timeout, regardless of user activity.
  • I also don’t see any .tokens node under user home paths.

 

Is this a known limitation or behavior difference in AEM Cloud publishers?

Has anyone faced something similar, or found a workaround?

 

Appreciate any insights!

Thanks.

3 replies

TarunKumar
Community Advisor
TarunKumarCommunity Advisor
Community Advisor
June 27, 2025

Hi @sku4 ,

In AEM as a Cloud Service, session management for the publish environment primarily relies on Adobe Identity Management System (IMS) and token-based authentication,
leveraging encapsulated tokens for enhanced performance and scalability. This approach replaces traditional session management techniques, especially in clustered environments.

Adobe IMS and Token-Based Authentication:
AEM as a Cloud Service utilizes Adobe IMS for user authentication and authorization.
Instead of storing session data on the publish instances, users are authenticated via IMS, and a token (often an access token) is used to identify and authorize subsequent requests.
This token is securely managed and passed between the client and the AEM publish instance.

 

-Tarun

    S
    Sku4Author
    Level 2
    June 27, 2025

    Hey Tarun, 

    Thank you for the response.

    I am curious on session extension? how does AEM session extension work in this scenario?

      MukeshYadav_
      Community Advisor
      MukeshYadav_Community Advisor
      Community Advisor
      June 27, 2025

      Hi @sku4 ,

      Yes there is limitation for encapsulated token. You may cross check if encapsulated token is enabled. You may try after disabling the same.
      Reference https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-21491

      Thanks

        kautuk_sahni
        Community Manager
        kautuk_sahniCommunity Manager
        Community Manager
        July 2, 2025

        @sku4 Just checking in — were you able to resolve your issue?
        We’d love to hear how things worked out. If the suggestions above helped, marking a response as correct can guide others with similar questions. And if you found another solution, feel free to share it — your insights could really benefit the community. Thanks again for being part of the conversation!

        Kautuk Sahni
        Terms & ConditionsAccessibility statement

        Loading footer...