I'd like to centralize control of Jira session timeouts into my identity provider. SAML specifies an attribute called SessionNotOnOrAfter, which according to the specification:
"Specifies a time instant at which the session between the principal identified by the subject and the SAML authority issuing this statement MUST be considered ended."
Does Jira honor this attribute for the purposes of restricting session durations?
I'm interested in that answer, too. Atlassian?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.