Configure Fluent OMS session timeout for SSO users without external IDPs

This guide shows Implementers how to configure Fluent OMS session timeout (automatic user log-out) for SSO users without external IDPs using Ping Identity configuration.

1.1. Navigate to the Connections menu → Resources sub-menu.

1.2. Edit the username Resource.

1.3. Set the token expiry time value (in seconds) in the Access token time to live field.

Click the Save button.

2.1. Navigate to the Experiences menu → Authentication sub-menu.

2.2. Edit your Authentication Policy.

2.3.1. Uncheck the Last sign-on older than…

Click the Save button.

2.3.2. Alternatively, set a new log-in time for the Last sign-on older than…

Click the Save button.

The following use case explains how the session timeout controls influence automatic user log-out.

Sample configuration

• An SSO user log-in into the Fluent OMS.
• The user’s access token is updated by Ping Identity within 5 minutes from the log-in moment → no automatic log-out (as the session timeout has not been reached).
• Ping Identity notifies fluent OMS that the session timeout has been reached in 7 minutes from the log-in moment → no automatic log-out (as the user’s access token is still valid).
• The user log-out from Fluent OMS automatically 10 minutes from the log-in moment (with the token update attempt when the session timeout has been reached).