Hi, I’m getting word that several of my forum members are getting logged out automatically after 20-30 minutes.
I use SSO so I’m wondering if the issue could be something with them logging into the main site, then going into Discourse (which starts a new session there?), then going back to the main site (which means Discourse is idle), and then going back into Discourse and somehow being logged out.
(That doesn’t quite make sense, though, because every time they go into Discourse, it should set the “idle timeout” to 0 again, right?)
I found a couple of threads about timeouts etc. here in meta but none of them seem to have a clear answer.
Question: is there a setting to prevent members from being logged out until they are idle for X period? I can’t seem to find it.
I do see in my Discourse settings that I have my “maximum session age” set to 1 hour, but I don’t think that really makes any difference with an SSO implementation, does it? (Note that when a member logs out on my main site, I send a /logout message to Discourse, just to keep everything clean. And whenever a member does any activity in Discourse, I update the last-activity time on my main site, so it isn’t the main site timing out. I’m adding additional debugging code now to confirm that this is all working as it should.)