A session is connection information between a user and a storage system.
A session can be generated by executing a REST API or CLI for generating a session. You can obtain a token by generating a session.
A generated session is deleted when:
-
The session (token) expired.
-
The session has timed out without being used.
-
The cluster master node (primary) has failed over.
-
The session is deleted, the user is edited or deleted, the password is changed, the user is deleted from a user group, or the user group to which the user belongs is edited.
Token expiration time (default: 24 hours) applies to the entire storage system. For details about how to change the token expiration time, see Editing user authentication settings.
You can specify the session timeout time (default: 30 minutes) not only for each session but for the entire storage system. To specify the session timeout time for each session, specify the time when sessions are created. If you omit this specification, the session timeout time will be applied to the entire storage system. For details about how to change the session timeout time of the entire storage system, see Editing user authentication settings.
If the token obtained by generating a session has leaked out, the VSP One SDS Block storage system might be operated by an unintended third party. Properly manage the obtained token so that it won't be leaked out.