loginTimeoutSeconds doesn't seem to be working for IdP users

eg2428 · August 22, 2025, 2:11pm

We have loginTimeoutSeconds set to 1800, but at no point am I ever prompted to re-enter my credentials. I can leave the computer completely untouched for 30+ minutes, and actions that should re-trigger auth do not.

We also have timeoutLogoutMinutes set to 60, and the console can close, I come back the next day, and I can start the console and log in without ever entering my credentials. This is after several hours of inactivity.

I’m using an Identity Provider operator, syncing from Entra, and I log in using SAML authentication (not using Windows session credentials). We’re running BigFix 11.0.4.60. Does anyone have any ideas/is there something I’m missing?

gus · August 22, 2025, 7:41pm

Hi @eg2428, what is the value of this client setting you’ve configured on your BigFix root server:

_BESDataServer_AuthenticationTimeoutMinutes

This setting allows you to specify the duration of the SAML authentication session when logging in to the BigFix Console. The value for this setting is specified in minutes.

Thanks, Gus.

eg2428 · August 22, 2025, 7:57pm

Hi @gus , it doesn’t look like we have this client setting set on our root or webUI server. Just to be clear, if our webUI and root server are separate, which one should this client setting be applied to?

Thank you