Change the OktaIWA Web agent timeout period

You can configure how long the agent tries to automatically sign users in to apps before redirecting them to the Okta Sign-In page. This is useful for extending the app authentication timeout period in environments with slower networks.

  1. On the same server that hosts the IWA Web agent, navigate to C:\inetpub\wwwroot\IWA and open the file web.config.
  2. Search for the element <iwaDetection timeout="1000" /> and modify the timeout attribute (given in milliseconds).

    Increase the attribute value if you want to give the agent more time to detect IWA SSO capability before redirecting the user back to the Okta Sign-In page.

  3. Save and close the web.config file.