What is the session limit for web applications?


There are three types of session restrictions in place for web applications used at the university.

  • Idle Timeout - used to detect user inactivity and require re-authentication. No more than 15 minutes.
  • Session Limit - a maximum amount of time a session can be maintained before re-authentication. No more than 12 hours.
  • Sign-in Frequency - a maximum amount of time a sign-in session can be maintained before a full interactive user sign-in is required. No more than 30 days.

Web applications which use Single Sign-On (SSO) can typically reconnect without prompting the user for a password but they may still display sign-out or session disconnect pages.

Note: Microsoft has also implemented Continuous Access Evaluation (CAE) for the majority of Microsoft services. This allows a session token to be revoked at any time without requiring a full session limit timeout. More information on CAE is available here: https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-continuous-access-evaluation


Session Limit

This is a list of common web applications in use and their configured maximum session limits.

Web Application Session Limit Uses Single Sign-On (SSO)? Identity Provider
Active Directory Federation Services (AD FS) 10 hours Yes Active Directory (on-premises)
Microsoft Entra ID (formerly Azure Active Directory) 12 hours Yes Entra ID
Microsoft 365 Applications (Exchange Online) 60 minutes Yes Entra ID
Canvas 12 hours Yes Entra ID
Banner Self Service (VandalWeb) 8 hours Yes Entra ID
Banner 9 Admin 8 hours Yes Entra ID
help.uidaho.edu - Account Management 20 minutes Yes Entra ID
OIT Web Applications - Shibboleth SP for IIS 60 minutes Yes Entra ID


Frequency

The University of Idaho Microsoft Entra ID tenant is configured to require an interactive sign-in at least once every 30 days. The user must present a password, passkey and another multi-factor authentication credential to sign-in.




Print Article


Article ID: 1206
Wed 11/28/18 9:29 AM
Tue 5/14/24 1:26 PM