Single Sign-On Time Limits
This table contains the time limits configured for CERN Single Sign-On sessions. If nothing is specified, the time limit applies to all login methods (including second factor authentication) and all accounts (including CERN, externals and applications).
Type | Time limit |
---|---|
Session idle | 10 hours |
Session max | 12 hours |
Offline session idle | 30 days |
Access token validity | 20 minutes |
Access token validity for implicit flow | 15 minutes |
Client login timeout | 1 minute |
User login timeout | 30 minutes |
Second factor initialization timeout | 10 minutes |
Password reset link validity for guest accounts | 10 minutes |