Skip to main content
Skip table of contents

How to fix users getting logged out after two minutes when using SiteMinder


If your end users report the behavior of being logged out or receiving a timeout dialog shortly after logging in, and you are using SiteMinder or a similar SAML-based SSO provider, your Identity Provider (IDP) configuration may need adjusting.

The symptoms include seeing the attribute SessionNotOnOrAfter in your SAML assertions when debugging as described in our SAML documentation or using a SAML tracer. The full authentication statement causing this might look like this, indicating there is a very short amount of time between authentication and session expiration time.

<ns2:AuthnStatement AuthnInstant="2022-01-20T19:55:23Z" SessionIndex="iCOpSprLm+RFlKUuSRQXGFZka+s=gOdlag==" SessionNotOnOrAfter="2022-01-20T19:56:53Z">


In certain SiteMinder versions, the default setting for session length is to match Assertion Validity, which can be as short as two minutes.

Verify with your SiteMinder team that the settings are as follows

  1. Go to your SiteMinder Administrative Interface
  2. Find the SSO configuration section that contains the Recommended SP Session Duration 
  3. Ensure this is set to Customize 
  4. Then either use Omit  (the default timeout on the platform is 60 minutes) or set a Custom  length that is appropriate for your IT teams security needs.
  5. Save your changes

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.