My Oracle Support Banner

OAM_LAST_REAUTHENTICATION_TIME Is Not Updated After Reauthentication Via /oamreauthenticate (Doc ID 2026320.1)

Last updated on MAY 24, 2022

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


Two protected resources with different level of authentication.

After user is logged to Protected Resource-1, than to perfom login to Protected Resource-2 ... need to do forced re-authentication and used the "/oamreauthenticate" functionality for this. The login is done again with the same user and the same DCC scheme and this works.
However when we check the OAM_LAST_REAUTHENTICATION_TIME headers, it has not changed since the previous login.

The expectation would be to see a updated timestamp value, as mentioned in documentation...
Oracle Fusion Middleware Online Documentation Library, 11g Release 1 (, Fusion Middleware Administrator's Guide for Oracle Access Management, Chapter 19 Managing Authentication and Shared Policy Components, section 19.19 Using Application Initiated Authentication



The OAM_LAST_REAUTHENTICATION_TIME http header is completely removed after doing a step-up authentication. We've seen this behavior in 2 use cases: 

The result in these 2 cases is that the actual authn_level is increased as expected, but the OAM_LAST_REAUTHENTICATION_TIME http header is completely removed after step-up.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.