SAP Knowledge Base Article - Public

2685240 - Session timeout - System behaviour when SSO SAML v2 is enabled

Symptom

  • What is the behaviour when a users session times out?
  • Can we set a redirect for when a users session times out?
  • Can we force the users IDP session to be killed when their SuccessFactors session expires?

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."

Environment

SAP SuccessFactors HCM Suite (with SSO SAML v2 enabled)

Reproducing the Issue

  1. A users session has timed out.
  2. They are prompted with the below pop-up

Session Timeout.png

Cause

  • The SuccessFactors BizX suite has a hard default setting of 30 minutes timeout on no activity.
  • This applies to all cloud clients and cannot be changed at all, no exceptions as there is no instance level capability.
  • See KBA 2088892 - System: 30 minute Session Timeout - BizX Platform

Resolution

The user has two options.

1. Clicking "Close" 

  • The users session in SF has now expired but their IDP session is still active.
  • If the user clicks on the "Close" button, the page they are currently on will be available to for read-only purposes.

2. Clicking "Login"

  • The users session in SF has now expired but their IDP session is still active.
  • If the user clicks on the "Login" the user will be routed to the session timeout redirect URL in place in provisioning. See KBA 2278269

Note: If there is no session timeout redirect URL configured in provisioning and the user clicks "Login", users will be redirected to the default company login screen.

Keywords

Session timeout, redirect, re-direct, start page , KBA , LOD-SF-PLT-SEL , SSO Errors & Logs , Problem

Product

SAP SuccessFactors HCM Suite all versions