Application session timeout interaction

Access Gateway supports three specific session settings:

  • Browser Session Expiration - Session is set to expire with the browser's session.
  • Idle Session Duration - Destroy session if user is idle for this duration.
  • Maximum Session Duration - Destroy session if this duration is exceeded.

The following table describes the expected session behavior for each combination of settings.

Browser Session Expiration Idle Session Duration Maximum Session Duration

Behavior on
idle session timeout

Behavior after max session exceeded.

Reopen browser

Not supported. You must choose at least one behavior.

N/A1

Re-authenticate

Continue session if max session duration not exceeded


Re-authenticate

N/A2

Continue session if idle session duration not exceeded

Re-authenticate

Re-authentication

Continue session if max session duration not exceeded

N/A1

N/A2

Re-authenticate

N/A1

Re-authenticate

Re-authenticate

Re-authenticate

N/A2

Re-authenticate

Re-authenticate

Re-authenticate

Re-authenticate

1 - Ignored, no action taken as idle session duration disabled.
2 - Ignored, no action taken as maximum session duration disabled.

Related topics

Access Gateway and sessions

Configure advanced app settings