Session timeout

A session timeout is a safeguard against sensitive data remaining visible when a screen has been left unattended for a defined duration.

Follow these steps to setup a session timeout in Journey Applicants.

1. Ensure the Session timeout in Journey Manager's Security Manager is set to the desired duration.

   1. Log into Journey Manager and go to Security > Security Managers.
   2. Select your security manager from the list.
   3. On the Security Manager tab, select the desired Session timeout value.
   4. Click Save.

2. Set the idleTime in transact-config.json to be slightly longer than the timeout selected in Journey Manager. For example, if you selected 30 minutes as the Session timeout in Journey Manager, set the idleTime to at least 31 minutes. This will ensure that if both the application and Journey Manager session have been idle for the same amount of time, the app will check the JM session just after it has ended.

info

The idleTime value is specified in milliseconds. For example, the value for an idleTime of 31 minutes is 1860000 ( = 31 * 60 * 1000).

Each time the application is left idle (that is, without interaction) for the defined idleTime, Journey Applicants checks Journey Manager for a connected session. If the session time in Journey Manager has elapsed, the application logs out, presenting the login screen to the user.