Identity-federation standards require a window of time during which a SSO token is considered valid. Each SSO token has an issuance time-stamp element and elements indicating the allowable lifetime of the SSO token before and after the issuance time stamp.
PingFederate gives you the option to change the valid lifetime of the single sign-on (SSO) token.