Manage cross-domain SSO sessions that let you move between Space Duck sites without signing in again.
โ You must be signed in to view SSO settings. Sign in โ
โ
Active SSO Sessions
30s
Token Lifetime
5
Trusted Domains
๐ SSO tokens are single-use, expire in 30 seconds, and are validated server-side on every redeem. They cannot be replayed or reused.
Trusted SSO Domains
These are the Space Duck domains that participate in cross-domain SSO. When you click a link between these sites while signed in, an SSO token is automatically issued and redeemed.
๐ฆspaceduckling.comโ Primary
๐duckgalaxy.comโ Active
๐ฎduckcontrol.comโ Active
๐คspaceduck.botโ Active
๐mightyspaceduck.comโ Active
Token Configuration
SSO tokens are generated on demand and validated by the Space Duck Lambda backend. These settings are platform-wide and cannot be customised per-user.
Token formatsso_ prefixed UUID4
Token lifetime30 seconds (TTL)
Single-useYes
Stored inDynamoDB sso_tokens table (auto-expiry)
Issuance endpointPOST /beak/sso/issue
Redeem endpointPOST /beak/sso/redeem
Revoke all endpointPOST /beak/sso/revoke_all
Recent SSO Activity
SSO redemption events from your audit log. Shows cross-domain sign-ins from the last 30 days.
Loading activityโฆ
Revoke All SSO Sessions
This revokes all active SSO tokens and clears your cross-domain session state. You will need to sign in again on any Space Duck domain you visit. This does not affect your current session on this page.
Space Duck