Identity provider Session settings

You can configure different parameters to control when you're idle IdP session expires, maximum duration of an active IdP session, and maximum number of concurrent sessions that you can have simultaneously.

Session Idle Expiry - By default, if your IdP session is idle for 120 minutes it expires. The maximum value is 1440 minutes. (1 day)

Limit Session Life - By default, this option is selected and Max Session Duration has a value of 7200 minutes (5 days). So, when you have an active IdP session, it has a maximum life of 5 days. After this period authenticated users will be forced to authenticate again, although the IdP session is active. You will not be able to configure Max Session Duration when you disable Limit Session Life.

ūüďė

Note

The Max Session Duration setting is applicable only for Akamai IdP. Third-party IdPs may have their own Max Session Duration parameter.

Max Concurrent Sessions - By default, a user can have a maximum of 10 concurrent sessions. If the user has more sessions than the value configured here, the oldest session will be terminated. For example, if Max Concurrent Sessions is set to 5, when the user opens a 6th session, the 1st (oldest) session is terminated. This prevents unauthorized access and ensures users from exceeding the maximum number of simultaneous sessions.

You can override these default settings by updating the new values.

  1. Log in to the Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Identity & Users > Identity Providers.

  3. Select the IdP from the Identity provider list page.

  4. In Settings > Session, update Session Idle Expiry, Limit Session Life, Max Session Duration and Max Concurrent Sessions .

  5. Click Save and Deploy, to deploy the changes.