Oracle Access Manager (OAM) Persistent Login Is Not Terminated On Password Change Events (Doc ID 2666710.1)

Last updated on SEPTEMBER 26, 2023

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Oracle Access Manager (OAM)
Persistent Login Is Not Terminated On Password Change Events
Persistent Login was configured as described in 2.9.3 Understanding Persistent Login of Fusion Middleware Administrator's Guide for Oracle Access Management
OAM_RM token does not invalidate as expected when:
- Password reset by administrator
- Password changed by the user on a different device
- User deleted or locked by the administrator
After one or more of the above action, users are still able to access to resource without a need to re-authenticate.

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.