Why are users periodically logged out of YouTrack?

 

This situation can arise when YouTrack is configured to run behind a reverse proxy server. The proxy server can interfere with the process that keeps users logged in.

 

Condition

 

When users log into YouTrack, they are able to work with the application for a relatively short period of time (an hour or so), but are then shown a message that they have been logged out and are redirected to the login page.

 

Users can sign in again without having to re-enter their username and password, but they must repeat this process on a regular basis throughout the day.  

 

Cause

 

The built-in Hub service uses a hidden inline frame to refresh authentication tokens. If you have set the value for the X-Frame-Options header to DENY for your reverse proxy server, users are logged out when their tokens expire.

 

Solution

 

All responses that contain static content from the Hub service set the value for the X-Frame-Options header to SAMEORIGIN. To preserve this value, configure your reverse proxy server to use the X-Frame-Options: SAMEORIGIN directive for all static content from YouTrack. If your YouTrack installation is connected to an external Hub service, set this directive for static content from Hub.

 

For more information, see X-Frame-Options.

Please sign in to leave a comment.

Have more questions?

Submit a request