This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit

Enabling Authentication Session Persistence

This topic is regarding sessions in the WSO2 API Manager (WSO2 API-M) and the process of enabling session persistence for these sessions. This is particularly useful when the remember me option is selected when logging into either the service provider or the WSO2 API-M. 

Uncomment the following configuration in the <API-M_HOME>/repository/conf/identity/identity.xml file, under the the Server and JDBCPersistenceManager elements to enable authentication session persistence.


The following table describes the elements of the configurations mentioned above.

Configuration elementDescription


This enables the persistence of session data. Therefore, this must be configured to true if you wish to enable session persistence.


Setting this to true enables persistence of temporary caches that are created within an authentication request.

PoolSizeTo improve performance, OAuth2 access tokens are persisted asynchronously in the database using a thread pool. 
This value refers to the number of threads in that thread pool.


This section of the configuration is related to the cleaning up of session data.


Selecting true here enables the cleanup task and ensures that it starts running.


This is the timeout value (in minutes) of the session data that is removed by the cleanup task. The default value is 2 weeks.


This is the time period (in minutes) that the cleanup task would run. The default value is 1 day.

OperationDataCleanUpThis section of the configuration is related to the cleaning up of operation data.

Note: If Single Sign-On is to work, you must enable at least one of the two configurations mentioned in this topic.

Related Topics