Introduction
This document explains configuring authentication timeout in the Pega Platform, emphasizing its role in enhancing security. We will discuss setting up timeout periods, handling warning messages, and integrating with external authentication systems like SAML SSO.
Configuring Authentication Timeout
1. Access Group Configuration
- Navigate to Records -> Security -> Access Group.
- Open the desired Access Group and switch to the Advanced tab.
- Under Access Control, locate the Authentication-time-out field.
- Specify the desired timeout duration in minutes.
Key Considerations
- Align the timeout value with your organization’s security policies.
- A shorter timeout enhances security but may disrupt user workflows.
- Balance security needs with user experience.
2. Warning Message Customization
To display a warning before session expiration, update the localized value for the field value rule with the following criteria.
o Field Value: TimeoutWarning
o Field Name: pyMessageLabel
SAML SSO Integration
- If using SAML SSO, determine the authentication timeout handled by the external system.
- Compare the external timeout with the Pega Platform configuration.
- To prioritize external timeout:
In the SAML 2.0 tab, uncheck the Use access group timeout checkbox.
- To enforce re-authentication for new and reactivated sessions, check the Force
authentication checkbox.
Additional Notes
Blank Timeout Values: The fields PyAuthenticationTimeout and pxThread.pxAuthenticationTimeout are typically left blank.
Pop-up Behavior: Depending on browser settings and JavaScript implementation, a pop-up may appear before the configured timeout.
External Authentication: If authentication is managed externally, consider leaving the Pega Platform timeout blank.
Best Practices
- Regularly try to review and adjust timeout values based on security assessments and user feedback.
- Implement robust password policies and multi-factor authentication for added security.
- Provide clear communication to users about session timeouts and warning messages.
Conclusion :
Following these guidelines, you can effectively configure authentication time-out in the Pega Platform to protect sensitive data and enhance overall system security.
You can also learn more PEGA Tutorials here —-
Thanks for your support we will provide more tricks & tips for you. If you like our tricks, share these with your friends and join my Telegram Channel , WhatsApp Channel And Youtube Channels for more new tricks & tips.