SAP Knowledge Base Article - Public

2685240 - Session timeout message - System behaviour when SSO SAML v2 is enabled

Symptom

  • What is the behaviour when a users session times out?
  • Can we set a redirect for when a users session times out?
  • Can we force the users IDP session to be killed when their SuccessFactors session expires?

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."

Environment

SAP SuccessFactors HXM Suite

Reproducing the Issue

  1. A users session has timed out.
  2. They are prompted with the below pop-up with the message: "Your session has expired. If you have any unsaved data, close this message and copy the data before logging in again. If not, please log in again now."

Session Timeout.png

Cause

  • The SuccessFactors BizX suite has a hard default setting of 30 minutes timeout on no activity.
  • This applies to all cloud clients and cannot be changed at all, no exceptions as there is no instance level capability.
  • See KBA 2088893 - System: 30 minute Session Timeout - BizX Platform

Resolution

The user has two options.

  • Clicking "Close" 
    • The users session in SF has now expired but their IDP session is still active.
    • If the user clicks on the "Close" button, the page they are currently on will be available to for read-only purposes.

OR

  • Clicking "Login"
    • The users session in SF has now expired but their IDP session is still active.
    • If the user clicks on the "Login" the user will be routed to the session timeout redirect URL in place in provisioning. See KBA 2278269

Note:

  • If there is no session timeout redirect URL configured in provisioning and the user clicks "Login", users will be redirected to the default company login screen.
  • If there is an “customized timeout” in instance  –  than the SLO (single log out) will be triggered  instead of the time out dialog and no  Login/Close pop up appears during end of the session .This is expected behavior  and if  we  change it back to default timeout, following that the session timeout popup & respective redirection should work.

Keywords

Session timeout, redirect, re-direct, start page, login page, error, session, timed, "Your session has expired. If you have any unsaved data, close this message and copy the data before logging in again. If not, please log in again now.", , KBA , LOD-SF-PLT-SEL , SSO Errors & Logs , Problem

Product

SAP SuccessFactors HCM Suite all versions