User Session Note Expires Too Early

I have a custom required action that attaches a custom attribute to the user’s session by setting a session note.

requiredActionContext.getAuthenticationSession().setUserSessionNote("key", "value");

The problem is that this note disappears (gets deleted from the session) after about a minute (I believe that it’s the expiry of the access token) and it means that every minute I’m required to fill the required action form again.

The session itself doesn’t expired because I’m not prompted to enter my username/password again. Only the session notes expire.

Is there a way to attach custom attributes to the user’s session that would last as long as the actual user session (will last as long as I’m not required to re-enter credentials)?

That was a mistake on my side.
The problem was that I was setting the required action in the custom user provider storage.
It seems like calling addRequiredAction clears the session notes.

The problem was fixed when I created a custom authenticator that runs after the username/password and and sets the required action.