[IdP] Webapplication Session timeout using IDP configuration

Forge Component
Published on 4 Nov by Telmo Martins
39 votes
Published on 4 Nov by Telmo Martins


We are using the IDP connector to authenticate our users.We are having problem with session timeout, after certain amount of inactivity to our application, user having session timeout issue for every 20 mins 

We are looking for a way to control web application session timeout. I contacted outsystems about this issue, they provided extensions Random integer and Session timeout. Steps i followed:

Step 1:

By using extensions,  I implemented  session timeout action to control the application for certain time. It didn't worked out by using IDP configuration.

By disabling IDP configuration, I tried using Random integer and Session timeout extensions then it worked.

Step 2: 

 I tried browser session component, to control time of application, It didn't worked out by using IDP configuration.

By disabling IDP configuration,tried browser session component, to control time of application then it worked.

Step 3: Factory configuration component also used, but no luck. Its not working for our criteria.

Could anyone help me on this by using IDP configuration, How to handle session timeout in web application.



Hi Anusha,

you want to set the minutes configured on the server for the session timeout?

The IdP connector session it's a standard server session, so if you increase that value for the "whole" server, IdP will also use that new timeout.


Can you please explain it about whole server clearly WHAT TO DO.

I used factory configuration web.config , By increasing minutes in shared configuration that associated with my application. After certain time my application should close. But its not logging out. 


What I was saying is that all sessions on the server (including IdP connector and end user apps) will have that session timeout. The page on the browser by itself will not be redirected to the login page, as after the session timeout only when the user performs some action that calls back the server, the browser will be redirected to the login page.


Thanks for explaining. 

We tried factory configuration component using IDP in our application, We gave 5 mins time frame. After that time, when i click another screen or search, it is redirecting  to the ADFS login page. I think its working fine.

But after 5 mins. when the user performs actions, it is going to invalid permission screen. We need to control this, Like without going to invalid permissions page, It needs to go logout page works for us. 

we are using the ADFS services provided by our Enterprise AD accounts domain at (State Agency)

Could you help me on this?


In the image above, when the execution flow goes to the InvalidPermission, the user is already logged in, but don't have permission (ie, the necessary roles) to access the screen that he/she wants to open.

If you want to redirect the user to another screen, just redirect to user to it, instead of InvalidPermission.