Adobe Experience Manager Sites & More

Sku4 · 6/26/25

Hi all,

I’m using AEM’s out-of-the-box session extension feature configured through the OSGi service org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl, with refreshToken=true.

This works as expected in my local author and RDE publisher environments. When a user performs activity after half the session timeout, the session is extended. I’ve verified this by checking the rep:exp property under /home/users/<user>/.tokens/<tokenId>, which gets updated correctly.

However, in the AEM as a Cloud Service (Dev Publisher) environment, this behavior is not observed:

Sessions expire exactly at the timeout, regardless of user activity.
I also don’t see any .tokens node under user home paths.

Is this a known limitation or behavior difference in AEM Cloud publishers?

Has anyone faced something similar, or found a workaround?

Appreciate any insights!

Thanks.

TarunKumar · 6/27/25

Hi @Sku4 ,

In AEM as a Cloud Service, session management for the publish environment primarily relies on Adobe Identity Management System (IMS) and token-based authentication,
leveraging encapsulated tokens for enhanced performance and scalability. This approach replaces traditional session management techniques, especially in clustered environments.

Adobe IMS and Token-Based Authentication:
AEM as a Cloud Service utilizes Adobe IMS for user authentication and authorization.
Instead of storing session data on the publish instances, users are authenticated via IMS, and a token (often an access token) is used to identify and authorize subsequent requests.
This token is securely managed and passed between the client and the AEM publish instance.

-Tarun

Sku4 · 6/27/25

Hey Tarun,

Thank you for the response.

I am curious on session extension? how does AEM session extension work in this scenario?

MukeshYadav_ · 6/27/25

Hi @Sku4 ,

Yes there is limitation for encapsulated token. You may cross check if encapsulated token is enabled. You may try after disabling the same.
Reference https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-21491

Thanks

kautuk_sahni · 7/2/25

@Sku4 Just checking in — were you able to resolve your issue?
We’d love to hear how things worked out. If the suggestions above helped, marking a response as correct can guide others with similar questions. And if you found another solution, feel free to share it — your insights could really benefit the community. Thanks again for being part of the conversation!