Skip to Main Content
Return to Navigation

PIA Timeouts

A number of additional timeouts may be set through PIA. These settings reflect changes at the database level that may pertain to different groups of users.

Note: The timeout settings in PIA are optional and are not required to run PIA. However, an understanding of how these settings can contribute to a user's session duration is important in the context of other timeout values that appear in this topic.


Navigation Path



Authentication Token expiration time

PeopleTools, Security, Security Objects, Single Signon

Specify the interval during which the system can trust a single signon token (PS_TOKEN) from the same or another content provider.

Note: As long as users remain signed in, the expiration of PS_TOKEN does not affect them. This setting is relevant only for the GetCertificate request during single signon.

720 minutes (12 hours)

Permission List - Time-out Minutes

PeopleTools, Security, Permissions & Roles, Permission Lists

Specify an interval during which a given permission list applies. The interval starts for a user to which the permission list is assigned when that user signs in. When the timeout period elapses, the user's online session is terminated.

If a user belongs to multiple permission lists, the largest timeout value from among those permission lists is applied to the user's session during signon. The permission list timeout is effective only if its value is less than the web server session-timeout. This means that all of the permission list timeouts for a given user must be less than the web server session-timeout to be effective. However, the Inactivity Warning timeout still applies.

Note: A value of 0 produces an indefinite timeout.

0 minutes