Manage application advanced settings

The Application settings Advanced sub-pane includes additional settings supporting targeting more specific features such as session time out, duration, content re-writing, certificate use and others.

To manage application advanced settings:

  1. Navigate to your Access Gateway InstanceAn instance, or computer instance, is a virtual machine (VM) or individual physical computer, used to host a software appliance. and sign in.
  2. Select the Applications tab.
  3. Click the pencil icon ()to open an application for edit.


    Clicking an applications label in the Topology pane also opens the application for edit.

  4. Select the Settings tab.
  5. Expand the Advanced sub-pane.
  6. Modify one or more settings and click Done.

The Advanced pane includes:

Field Description Comments
Browser Session Expiration Application session will be set to expire with the browser's session. Default: Disabled.
Idle Session Duration Will destroy application session if user is idle for this duration. Default: 1h.
Format: #units
For example 60s, 30m.
Minimum 60s.
Maximum Session Duration Maximum application session duration.
Format number with d, s, m or h.
Default: 8h
Format: #units
Default unit is seconds if no unit specified.
Setting Maximum Session Duration equal to 0 (zero) disables maximum session timeout.

Deep LinkingAllows users to directly access parts of an application. If supported, users can navigate to a deep link and authenticate to an application using SP-initiated SAML SSO. After authentication, the user will be re-directed to a specific page in the SP instead of the homepage. Dynamically redirect browser to application URI after login. If disabled, only redirect to Post Login URL after login. Default: Enabled
Enforce Deep linking DomainA domain is an attribute of an Okta organization. Okta uses a fully-qualified domain name, meaning it always includes the top-level domain (.com, .eu, etc.), but does not include the protocol (https). When enabled, Access Gateway only allow deep links that share the public domain name. If deep link domain does not match, Access Gateway will only use the post login URL. Default: Enabled

Content Rewrite

Access Gateway will attempt to rewrite URLs and redirects in application HTML content

Default: Enabled

Host header

Access Gateway will send the Host header to back end application.

Default: Disabled

Certificate Type

Create a wild card or host-only certificate.

Default: Enabled.
Create host-only certificate.

Debug mode

Puts this appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. into debug mode.
Useful for initial setup and troubleshooting. Can have significance impact on system performance and should be disabled in production systems

Default: Enabled

Maximum File Upload Size Maximum file upload size.
A value of 0 equals unlimited.

Default: 1MB

Backend Timeout duration

0 is unlimited.

Minimum timeout for reads to back end system.

Default: 1m
Format: #units