How to prevent re-login when browser has been closed

[mailblue-info]

Hi,

I'm pretty new to the whole OpenID connect-thing.
For our internal application I want to authenticate to Google Workspace. So far what I've set up with the config below works. The only issue that I'm having is that when I close the browser window, open a new window and go back to the application I need to re-login with Google.

Is there a way to keep these session stick, even when the browsers has closed?
I've been looking at the Wiki, the Caching page, but this does not help, I've tried File and SHM. I've also tried the different settings in OIDCSessionType.

My current config is this:

OIDCProviderMetadataURL https://accounts.google.com/.well-known/openid-configuration
OIDCClientID [xx]
OIDCClientSecret [xx]

# OIDCRedirectURI is a vanity URL that must point to a path protected by this module but must NOT point to any content
OIDCRedirectURI https://[xx]/dashboard
OIDCCryptoPassphrase [xx]
OIDCScope "openid email profile"
#OIDCSessionMaxDuration
OIDCSessionType server-cache
OIDCSessionCacheFallbackToCookie On
OIDCCacheType shm
OIDCCacheShmMax 1000```

[zandbelt]

you can use OIDCSessionType server-cache:persistent, see https://github.com/OpenIDC/mod_auth_openidc/blob/v2.4.14.4/auth_openidc.conf#L596-L605 but it is not recommended to do so for security reasons

[mailblue-info]

Thanks @zandbelt! This is very helpful, just tested it, and it worked!
This application will only be used internally and will also be secured with extra steps. I'll keep your security concern in mind.