Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


authentication-entry-timeout (Identity Management Advanced Query)


Hierarchy Level


Configure the time-out for the user identity authentication entries. You configure this parameter as part of the advanced user identity query feature for SRX Series devices.

The advanced user identity query feature for SRX Series devices relies on the Juniper Identity Management Service (JIMS), a centralized identity collection (CIC) system from which the SRX Series device obtains the user identity information. It provides a global, end-to-end user identity management solution that allows you to provision users locally and have their authentication information made available to other sites in your network for policy enforcement and reporting.


Before you use this feature, you must disable active-directory-access and authentication-source options under the user-identification hierarchy. You cannot commit this configuration if active directory authentication or the ClearPass query and webapi functions are configured and committed.



The amount of time after which a user identity authentication entry expires.

  • Range: 0 or 10 through 1440 minutes. Specification of 0 indicates no time-out.

  • Default: 60 minutes

Required Privilege Level

  1. services—To view this statement in the configuration.

  2. services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 15.1X49-D100.