DOC-1927 Document configuration param maximumSessionAge in console

[micheleRP]

Description

This pull request adds documentation and configuration support for limiting Redpanda Console session duration using the new maximumSessionAge parameter. This allows enterprise users to control how long browser sessions remain valid before requiring users to re-authenticate.

• Added a new section to the authentication documentation explaining how to set the maximumSessionAge parameter to limit session duration for Redpanda Console, including examples for standalone, Kubernetes Operator, Helm, and Kubernetes standalone deployments.
• Updated the sample configuration file (redpanda-console-config.yaml) to document the new maximumSessionAge option, including usage notes and example values.

Resolves https://redpandadata.atlassian.net/browse/DOC-1927
Review deadline:

Page previews

Configure session duration
config.yaml example

Checks

• New feature
• Content gap
• Support Follow-up
• Small fix (typos, links, copyedits, etc)

[netlify]

✅ Deploy Preview for redpanda-docs-preview ready!

Name	Link
🔨 Latest commit	692c9af
🔍 Latest deploy log	https://app.netlify.com/projects/redpanda-docs-preview/deploys/697a37b71d26b100075ee46d
😎 Deploy Preview	https://deploy-preview-1561--redpanda-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

📝 Walkthrough

Walkthrough

This pull request adds documentation for a new maximumSessionAge configuration parameter in Redpanda Console's authentication settings. The changes include adding a "Configure session duration" section to the authentication configuration documentation with YAML configuration examples for Standalone, Kubernetes Operator/Helm, and Kubernetes standalone deployments. The documentation clarifies that the default session validity is one year and explains accepted duration formats. A commented-out example is also added to the sample configuration file.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Suggested reviewers

• weeco
• mattschumpert

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and concisely summarizes the primary change: documenting the maximumSessionAge configuration parameter in Redpanda Console.
Linked Issues check	✅ Passed	The pull request successfully addresses the linked issue DOC-1927 by documenting the maximumSessionAge configuration parameter across all required deployment formats with examples.
Out of Scope Changes check	✅ Passed	All changes are scope-appropriate: documentation additions for the maximumSessionAge parameter in two files directly aligned with the issue objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The PR description fully addresses the template requirements, including a detailed summary of changes, a valid Jira ticket reference, relevant page previews, and an appropriate feature classification.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[graham-rp]

Looks great, thanks for turning this around so quickly!

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@modules/console/pages/config/security/authentication.adoc`:
- Around line 500-590: Remove the entire "Configure session duration" section
(the header "Configure session duration", all explanatory text, the three YAML
example blocks that reference maximumSessionAge, and the footnote) because the
Console does not support a maximumSessionAge setting; delete every occurrence of
the configuration key maximumSessionAge and the invalid example value "90d" (or
alternatively replace the whole section with a short "Coming soon" note if you
prefer to keep a placeholder).

[Feediver1]

Not sure I understand why the enterprise license note appears here. The license would be for Console, not session duration, right? This is confusing to me, and might also be for our users. Help me understand why it is in this section. thx

[micheleRP]

You're right, it's confusing. @graham-rp I added this because the description said it's for enterprise accounts. But they just need a Console license, right? Also do we need to describe how this new config behaves with JWT token expiration?

[graham-rp]

The OSS version skips over all of the auth stuff, so this really only applies to console with an enterprise license. As for OIDC, customers can (and could previously) set expirations on their tokens on their end to do something similar.

[Feediver1]

Not sure I am tracking here @graham-rp. The only Enterprise licensed features Console manages are:

• Authentication of RP Console
• Authorization (RBAC) for Redpanda
• Debug bundle generation
• Reassign partitions

There is already a licensing reminder/note at the top of the Authentication section here, so why would we repeat it for this specific task? In and of itself, session duration only requires a license because it is part of Authentication. We typically do not add the licensing requirement for each task appearing within a licensed feature. Hence, my suggestion to remove it here.

[graham-rp]

Got it! I think I misunderstood the use of the tag. In that case I'm good to remove it.

[micheleRP]

I've removed the extra enterprise note

[Feediver1]

lgtm