What is the session timeout length for web services?


Some web based services have timeouts set in case a person forgets to log out or left a browser open, reducing the chance of an unauthorized access. Inactivity is normally measured from the last function called to the service, not if you have the window open.  In some cases the timeout is based on the start time of the session regardless of activity.

Note: Web services that use Single Sign-On (SSO) can typically reconnect without prompting the user for a password but they may still display sign-out or session disconnect pages.


IT Service Timeout Lengths

IT Service Timeout Uses Single Sign-On (SSO)? Identity Provider
Active Directory Federation Services (AD FS) 10 hours Yes Active Directory (on-premises)
Microsoft Entra ID (Azure AD) - Cloud Authentication 24 hours Yes Azure AD
Ellucian Ethos Identity (EEI) 10 hours Yes Azure AD
Office 365 Services (Exchange Online) 60 minutes Yes Azure AD
Canvas 24 hours Yes Azure AD
VandalWeb 45 minutes Yes EEI + Azure AD
Banner 9 Admin 8 hours Yes EEI + Azure AD
help.uidaho.edu - Account Management 20 minutes Yes Azure AD
ITS Web Services - Shibboleth SP for IIS 60 minutes Yes Azure AD





Article ID: 1206
Wed 11/28/18 9:29 AM
Wed 11/29/23 3:25 PM