Configure the amount of time that an authentication request lasts before timing out.Customize the authentication experience to your user's needs and reduce the number of users that experience a push notification timeout when attempting to authenticate using the PingID mobile app.
An authentication request consists of the following two parts, both of which are configurable:
- Device Timeout: the maximum time allowed for a new authentication notification request to reach a user's mobile device before timeout occurs. The default value is 25 seconds.
- Total Timeout: the total amount of time a new authentication request has to reach a user's mobile device before timeout occurs. The difference between the device timeout and total timeout indicates the amount of time the user has to respond upon receiving an authentication request before timeout occurs. The default value is 40 seconds.
You can configure timeout values per service, such as Web SSO, Windows login, API, SSH, or VPN, or set global timeout values that are applied to all services. You can increase the timeout values to extend the amount of time a user has to complete authentication on their mobile device before timeout occurs.
This is useful for users with a slow internet connection, for example. You can also use this feature with the direct passcode usage feature to enable users with slow connections to use a one-time password (OTP) to authenticate immediately, rather than responding through a push notification or waiting for the notification to timeout. For more information, see Configuring direct passcode usage.
Changes to the default timeout configuration are applied per organization to all authentication requests, including retry authentication attempts.
If push notifications are disabled for a user in the PingID mobile app (
), the user is directed to the fallback OTP flow immediately, and no timeout period is applied.