Authentication Timeout for specific Access Group


Hello. In this blog post we are going to look at the authentication timeout setting for access groups in a Pega application.

When operators/users are inactive for a certain period of time, Pega Platform requires users to reauthenticate by entering their login credentials. The browser session cannot resume until the user ID and password are accepted as valid.

Requiring reauthentication helps prevent a malicious or unauthorized user from hijacking the browser session. However, if reauthentication fails or is canceled, some or all of the data on the screen might remain displayed.

Authentication time-out is the length of time between when user activity in a browser session ceases and Pega Platform requires reauthentication. The expired browser session is still displayed during this time.

Follow the steps below to configure the authentication timeout:

Open any one of the access groups in the application.


Inside the access group, go to the Advanced tab. The Authentication timeout field is in the Access control section of that tab.


Choose a time in seconds that, once exceeded, requires the user to reauthenticate. The value is exceeded when the idle time between the last response from Pega Platform and the current request from the client exceeds the value in the Authentication Timeout field. If this field is left blank, there is no authentication timeout for the users of that access group.

For testing purposes, I am setting 10 seconds as the authentication timeout.


After setting the authentication timeout value, assign this access group to any available operator.


After assigning the access group, log in to the application using that operator's credentials.


Now I have logged in to the application using that operator's credentials. Since I specified 10 seconds as the timeout value earlier, if I click anything on the screen after 10 seconds, it should show the reauthentication pop-up.


We can see it is working as expected.
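To make the timeout rule concrete, here is a small Python model of the behaviour described above. It is an added illustration written for this post, not Pega Platform code: the class name, method names and the sample timestamps are all assumptions. It captures the two points that matter for a defender: the idle clock runs from the last server response to the next client request (a request at exactly the timeout value does not exceed it), and a blank field (`None` here) means no timeout at all, so such access groups should be reviewed deliberately.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class AccessGroupSession:
    """Hypothetical model of one browser session for an operator whose access
    group carries an Authentication Timeout in seconds (None = field left blank)."""
    auth_timeout_seconds: Optional[int]
    last_response_at: float          # time Pega last answered this session
    authenticated: bool = True       # False once the reauthentication pop-up is shown

    def idle_seconds(self, request_at: float) -> float:
        """Idle time = gap between last server response and this client request."""
        return request_at - self.last_response_at

    def handle_request(self, request_at: float) -> str:
        """Return 'ok' if the request may proceed, or 'reauthenticate' if the
        session is idle beyond the access group's timeout (or already expired)."""
        if not self.authenticated:
            return "reauthenticate"
        # Blank timeout: the access group never forces reauthentication.
        if (self.auth_timeout_seconds is not None
                and self.idle_seconds(request_at) > self.auth_timeout_seconds):
            # Screen stays visible, but nothing proceeds until credentials are accepted.
            self.authenticated = False
            return "reauthenticate"
        # Server answers this request, so the idle clock restarts here.
        self.last_response_at = request_at
        return "ok"

    def reauthenticate(self, credentials_valid: bool, at: float) -> bool:
        """Outcome of the pop-up: only valid credentials resume the session."""
        if credentials_valid:
            self.authenticated = True
            self.last_response_at = at
        return credentials_valid


def run_demo() -> list:
    """Walk through the 10-second test from the post with constructed timestamps."""
    events = []
    s = AccessGroupSession(auth_timeout_seconds=10, last_response_at=0.0)
    events.append(s.handle_request(5.0))             # idle 5s  -> ok
    events.append(s.handle_request(10.0))            # idle 5s  -> ok (clock restarted at 5.0)
    events.append(s.handle_request(22.0))            # idle 12s -> reauthenticate
    events.append(s.reauthenticate(False, 23.0))     # wrong password -> False
    events.append(s.handle_request(23.5))            # still blocked -> reauthenticate
    events.append(s.reauthenticate(True, 25.0))      # valid credentials -> True
    events.append(s.handle_request(30.0))            # idle 5s -> ok
    blank = AccessGroupSession(auth_timeout_seconds=None, last_response_at=0.0)
    events.append(blank.handle_request(99999.0))     # no timeout configured -> ok
    return events


if __name__ == "__main__":
    for e in run_demo():
        print(e)
```

An access group whose timeout is `None` is the case the post's final answer describes (authentication handled by an external system); when auditing a Pega application, list those access groups and confirm that an external timeout really covers them.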

How long should the authentication time-out be?
Ans:
Configure the authentication time-out according to your organization's security policies. Make sure that the authentication time-out is consistent with your organization’s policy so that you can set how long a user’s browser session can be idle before it requires reauthentication.

What if the organization uses a custom authentication scheme?
Ans:
If your organization uses a custom authentication scheme such as single sign-on (SSO), the session time-out might be handled outside Pega Platform. In this case, compare the internal settings to the external settings. Determine the authentication time-out of your custom authentication scheme and verify that the Pega Platform authentication time-out is consistent with the external time-outs.

If authentication is handled by an external system, you can turn off the Pega Platform authentication time-out feature by leaving the authentication time-out field entry blank on the Advanced tab of the Access Group form.


**************************Thank You**************************
