I have what I hope is a very basic question. Our organization is implementing SSO, via ADFS/SAML. Are we able to create a SSO configuration in which each SP gets its own session timeout? We would like a SSO experience in which users remain logged-in for 6 months in their main dashboard (which offers personalized info but nothing confidential), while linking to other systems that have critical transactional features, and those systems should require re-authentication every 30 minutes. So far we have not found a solution, which would mean users get logged off of all systems by the lowest-common-denominator timeout of 30 minutes. If there is a way to assign each SP its own session timeout, can you give me a primer on that which I can forward to our sys admins? Thank you!
|