.. _session_timeout_rules:

Session Timeout Rules
---------------------

The following rules apply to the idle session timeout and absolute session
timeout values that can be applied to users via a credential policy:

* Setting the absolute session timeout to 0 disables it.
* The absolute session timeout takes priority over the idle session timeout.
  Therefore, setting the absolute session timeout to a value less than the idle
  session timeout effectively disables the idle session timeout.
* Credential policy session timeouts do not apply to SSO authenticated users.
  For SSO authenticated users, VOSS-4-UC honors the SessionNotOnOrAfter
  SAML 2.0 attribute, which is equivalent to an absolute session timeout, although
  controlled by the IDP.

.. note::
   Timeout limits will initiate the display of
   timeout limit notifications in the GUI -
   see: :ref:`timeout_limit_notifications`.