Why do web services timeout and the period before the timeout?

Some web based services have timeouts set in case a person forgets to log out or left a browser open, reducing the chance of an unauthorized access. Inactivity is normally measured from the last function called to the service, not if you have the window open.  In some cases the timeout is based on the start time of the session regardless of activity.

Note: Web services that use Single Sign-On (SSO) can typically reconnect without prompting the user for a password but they may still display logout or session disconnect pages.

 

IT Service Timeout Lengths

ITService Timeout Uses Single Sign-On (SSO)? Identity Provider
Active Directory Federation Services (AD FS) 10 hours Yes Active Directory (on-premises)
Azure Active Directory (Azure AD) - Cloud Authentication 24 hours Yes Azure AD
Ellucian Ethos Identity (EEI) 10 hours Yes Azure AD
Office 365 Services (Exchange Online) 60 minutes Yes Azure AD
BbLearn (Blackboard) 10 hours Yes Azure AD
VandalWeb 45 minutes Yes EEI + Azure AD
Banner 9 Admin 8 hours Yes EEI + Azure AD
help.uidaho.edu - Account Management 20 minutes Yes Azure AD
ITS Web Services - Shibboleth SP for IIS 60 minutes Yes Azure AD

 

Details

Article ID: 1206
Created
Wed 11/28/18 9:29 AM
Modified
Fri 2/7/20 1:38 PM