Cisco APIC: How to view "GUI Idle Timeout" via SSH/CLI?

fc00::/7 · ‎03-27-2020

GUI timeouts are managed under Security Management: Admin > AAA > Security Management.
Is there a way to get that info via command line?

If yes, what is the command?

Sergiu.Daniluk · ‎03-28-2020

Hi,

I think what you are looking for is crypto config section:

apic1# configure 
apic1(config)# crypto webtoken 
apic1(config-webtoken)# ?
 max-validity-period       Set The maximum validity period for a webtoken
 no                        Negate a command or set its defaults
 session-record-flags      Enable/Disable refresh in the session records, Comma separated values
 ui-idle-timeout-seconds   Set maximum GUI idle duration before requiring login refresh
 webtoken-timeout-seconds  Set The web token timeout interval

Cheers,

Sergiu

fc00::/7 · ‎03-30-2020

Thanks Sergiu, I just want to view existing config on existing device, not to configure it.

Sergiu.Daniluk · ‎03-30-2020

Hello,

Then you can use this command:

apic1# show running-config crypto webtoken 
# Command: show running-config crypto webtoken
# Time: Mon Mar 30 12:16:46 2020
  crypto webtoken
    session-record-flags login,logout,refresh
    ui-idle-timeout-seconds 42000
    webtoken-timeout-seconds 6000
    exit

If the output is empty, then the default values are used. In my case, I changed both webtoken and UI-idle timeout values.

Cheers,

Sergiu

Cisco APIC: How to view "GUI Idle Timeout" via SSH/CLI?

Cisco ACI Inter VRF/Tenant Route Leaking Design – Simplified!

Connecting Physical Servers To Cisco ACI Fabric - Simplified!

VXLAN/EVPN Configuration Example (N9k / p2p)