Question
Roche Pharma
IN
Last activity: 10 Jun 2019 3:28 EDT
SAML 2.0 SSO timeout setup for PEGA 7.4
Hi,
My requirement is to allow our SSO SAML to automatically logged out after 30 min (as per my org standard) I have found some articles in PDN but all suggest to put timeout in User access group and/or use timeout activity in Authentication service. (which is PARTIALLY solving my requirement ).
I am looking a solution to apply Organization standard timeout when Ideal browser session timeout reached. And user should get navigated to SSO login screen rather passivating user session and prompt for PEGA login id password.
Please note i have went through lots of article in PDN but all were suggesting to configure timeout in access group and then some other steps ...
But i have to configure logic WITHOUT considering access group timeout.
Please assist ? I am using PEGA 7.4
Few articles which i went through were:
Hi,
My requirement is to allow our SSO SAML to automatically logged out after 30 min (as per my org standard) I have found some articles in PDN but all suggest to put timeout in User access group and/or use timeout activity in Authentication service. (which is PARTIALLY solving my requirement ).
I am looking a solution to apply Organization standard timeout when Ideal browser session timeout reached. And user should get navigated to SSO login screen rather passivating user session and prompt for PEGA login id password.
Please note i have went through lots of article in PDN but all were suggesting to configure timeout in access group and then some other steps ...
But i have to configure logic WITHOUT considering access group timeout.
Please assist ? I am using PEGA 7.4
Few articles which i went through were:
Updated: 8 Jun 2019 2:06 EDT
Instellars
IN
Hi,
Have you considered using the IDP server's specific settings to configure session timeouts?
For e.g. ADFS provide session timeout settings to handle the session on the server itself rather than in the calling authentication service.
Roche Pharma
IN
Hi Ajay,
Thanks for your comment :)
I think updating IDP global value (which is 1hrs) and serves the whole organization as standard value is not recommended but rather we have to control session timeout from PEGA. I can customize the solution and can achieve it. I have one solution in my mind and at first attempt it seems to working.
However i am looking any other OOTB solution without using ACCESS Groups Authentication timeout. If anyone aware of?