wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0

Data Purging recommendations #11400

Open rksk opened 3 years ago

rksk commented 3 years ago

Is your suggestion related to a missing or misleading document? Please describe.

WSO2 IS has a set of in-built operations to clean invalidated/expired data such as session data, access tokens, etc. from respective DB tables. Also, there is a set of stored procedures written to do the same task in an optimum way without consuming the resources of the IS nodes. These also make sure all the old data are removed from the respective tables.

The current recommendation for production environments is to fully disable the internal cleanup operations with the following configs and schedule the stored procedures located on the DB itself. These are compatible with all the versions since IS 5.2.0.

[session_data.cleanup]
enable_expired_data_cleanup = false
clean_logged_out_sessions_at_immediate_cycle = false
enable_pre_session_data_cleanup = false

[oauth.token_cleanup]
enable = false

This information needs to be clearly explained in the documentation. We can bring this to the deployment recommendations document instead of [2] and [3].

Also need to point to [1] for stored procedures since they are being improved actively and duplicating the same in the document will cause old scripts to be kept in the document.

Additionally, the steps like taking backups, testing with DB dump need to be removed (or should not be prioritized) since people get scared of executing the stored procedures due to these steps.

Related: https://github.com/wso2/product-is/issues/3901

[1] https://github.com/wso2/carbon-identity-framework/tree/master/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/stored-procedures
[2] https://is.docs.wso2.com/en/latest/setup/data-purging/
[3] https://is.docs.wso2.com/en/latest/setup/removing-unused-tokens-from-the-database/#removing-unused-tokens-from-the-database
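A configuration check for the four flags listed in the comment above, as an added example that is not part of the issue or WSO2's code. It assumes the node's configuration text has been read from its TOML file, and it reports a missing key as a finding because the issue does not state the product defaults; the function names are hypothetical.

```python
# Flags the issue recommends setting to false, grouped by TOML table.
REQUIRED_FALSE = {
    "session_data.cleanup": [
        "enable_expired_data_cleanup",
        "clean_logged_out_sessions_at_immediate_cycle",
        "enable_pre_session_data_cleanup",
    ],
    "oauth.token_cleanup": ["enable"],
}


def read_flat_toml(text):
    """Collect '[table]' headers and 'key = value' lines (not a full TOML parser)."""
    tables, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments; fine for boolean flags
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            tables.setdefault(current, {})
        elif "=" in line and current is not None:
            key, _, value = line.partition("=")
            tables[current][key.strip()] = value.strip()
    return tables


def audit_cleanup_flags(text):
    """Return one finding per flag that is not explicitly set to false."""
    tables, findings = read_flat_toml(text), []
    for table, keys in REQUIRED_FALSE.items():
        for key in keys:
            value = tables.get(table, {}).get(key)
            if value is None:
                findings.append(f"[{table}] {key}: not set explicitly")
            elif value != "false":
                findings.append(f"[{table}] {key} = {value}")
    return findings


# Constructed sample: one flag left on, one commented out, one table missing.
SAMPLE = """\
[session_data.cleanup]
enable_expired_data_cleanup = false
clean_logged_out_sessions_at_immediate_cycle = true
# enable_pre_session_data_cleanup = false
"""

if __name__ == "__main__":
    for finding in audit_cleanup_flags(SAMPLE):
        print(finding)
```

An empty result means all four flags are explicitly `false`, which is the state in which the scheduled stored procedures are the only purge path.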

rksk commented 2 years ago

These changes are not done in the 6.0 branch.

Related https://github.com/wso2/product-is/issues/14865