Configuring Session Timeout¶
Idle Session Time Out¶
This is the duration in minutes for which an SSO session can be idle
for. If WSO2 Identity Server does not receive any SSO authentication
requests for the given duration, a session time out occurs. The default
Remember Me Period¶
This is the duration in weeks for which WSO2 Identity Server should
remember an SSO session given that you have selected the Remember Me
option in the WSO2 Identity Server login screen. The default value is
The session timeout value can be configured tenant wise using the management console.
To configure the Session Timeout and Remember Me period in tenant wise, follow the steps below:
- Start the IS server and login to the management console.
- Click Resident under Identity Providers on the Main tab.
Fill in the fields as seen below to configure the session timeout and RememberMe period.
You can configure these timeout values globally
The global configuration can be added in the
<IS_HOME>/repository/conf/deployment.tomlfile as shown below.
[session.timeout] idle_session_timeout= "15m" remember_me_session_timeout= "14d"
Restart the server to save the changes. Once you add these global configurations, each tenant that is created after adding the configuration will inherit the same configurations.
With every authentication, the value of
remember_me_session_timeout is updated for each user. To disable extending this expiry time with each authentication request, add the following configuration to the
Now the SSO session is timed out according to the newly configured value and users need to be re-authenticated once the session times out. If a timeout is not configured, the SSO session simply uses the 15 minutes default time out value.
- After configuring the session timeout , see the Configuring Inbound Authentication for a Service Provider page to setup Single Sign On with WSO2 Identity Server.
- See Single Sign-On for more information.