Set Up Session Validity

Define the maximum session length and timeout for a session.

You can configure the session validity for your users by defining the maximum session length and idle timeout durations.

Set the idle timeout duration

Idle timeout is the duration, in minutes, that a session is allowed to stay idle. The first five minutes of the session are not checked. For example, if you set 60 minutes, the session renewal window is 55 minutes. This means that a session will not timeout if there has been any server activity in the last 55 minutes.

1. On the global navigation bar, click Settings > Session Validity.
2. In the Idle timeout field, set a duration value between 15 and 60 minutes. The default value is 60 minutes.
3. Click Save.

Set the maximum session length duration

Maximum session length is the duration, in minutes, for the maximum length of a valid session. For tenants who use a SAML 2.0 identity provider (IdP), the maximum session length is first determined from the SessionNotOnOrAfter attribute within the SAML assertion from the IdP response. For more information, see How is maximum session length determined?

1. On the global navigation bar, click Settings > Session Validity.
2. In the Maximum session length field, set a duration value between 15 and 720 minutes. The default value is 720 minutes (12 hours).
3. Click Save.

How is maximum session length determined?

When a user signs in, the presence of the SessionNotOnOrAfter attribute within the received IdP response is checked first. If present, that is used as the maximum session length. If not, the maximum session length value within the Session Validity settings is checked next. If found, that is used, and if not, the default value of 720 minutes is used.