SAP Knowledge Base Article - Public

1800435 - Changed frontend behavior due to introduced session-timeout (security)


After an inactivity period of 60 minutes a message is displayed offering to prolong the session. The message adds a courtesy buffer of 5 minutes.
The confirmation will reset the timeout counter again and would count up to 60 minutes. Every interaction with the SAP system will reset this counter as well.
Session will be terminated, if the defined time frame has passed without any activity.
This system behavior will ensure best security and privacy practice.

Reproducing the Issue

A timeout is not an issue but a security requirement.


Common data protection and privacy requirements demand for this session handling.
In alignment with SAP Security officials, session-timeouts of 60 minutes are defined for OnDemand products.


SAP follows the principles of data consistency and data security first.


KBA , time out , session , pause , session non valide , session arrêtée , session expirée , session suspendue , session no longer valid , session no valida , sesión expiro , 60 min , connexion coupée , 60 minutes , connectivité , conexión , login session expired , log on again , arrêt , auto logoff , expired , desconectado , déconnexion , déconnecter , SRD-HR-TLM , Time and Labour Management , How To


SAP Business ByDesign all versions