Search Results :

×
Sign Up Contact Us

Key Features of SSO Session Management

Get everything you need to stop unauthorized access and keep sessions protected in a single addon.

AWS Cognito Single Sign-On

SAML & OAuth Support

Whether your users log in through SAML or OAuth, the same session rules apply to everyone. No extra setup needed for each login method.

Cognito Login via WordPress Default Login

Role-Based Session Timeout

Different users get different login windows. An admin might get 30 minutes while an editor gets 8 hours. You can set the time for each role separately.

Cognito Password Reset

Session Timeout Control

Decide how long a user stays logged in after signing in. Set the time in seconds, minutes, hours, or days. When the time is up, the user is logged out automatically.

Attribute Mapping for Cognito Integration

Idle Session Timeout

If a user stops using the site, they get logged out after a time you set. This prevents open sessions from sitting unattended on shared or public devices.

Seamless User Update

Persistent Login

Users who check Remember Me stay signed in even after closing the browser. When they come back, they are already logged in. You control who gets this and for how long.

Registration Form Integration

Session Warning Prompt

Before a user gets logged out, they see a warning message. They can click Extend to keep working. If they do not respond, they are logged out and shown a custom message.

Setup Guide for SSO Session Management

Secure and manage user sessions with ease. Follow this quick guide to configure session controls and strengthen your WordPress security.

View Guide

How WP SSO Session and Login Management Works

Here is exactly what happens from the moment a user authenticates to the moment their session ends

Step 1: User Logs in with miniOrange SSO
Step 2: Session Rules Apply
Step 3: Activity Is Monitored
Step 4: Session Continues or Ends

Step 1: User Logs in with miniOrange SSO


The user signs in through the miniOrange WordPress SSO plugin using SAML or OAuth.

Step 2: Session Rules Apply


The addon applies timeout, role-based, and Remember Me settings.

Step 3: Activity Is Monitored


The system checks whether the user stays active or idle.

Step 4: Session Continues or Ends


The session stays active, shows a warning, expires, or persists based on policy.

Frequently Asked Questions

Answers to Common Questions About the SSO Session Management for WordPress.

What is SSO Session Management?

SSO Session Management controls what happens to a user's login session after they sign in through Single Sign On. Once a user is authenticated, the site needs to decide how long to keep them logged in, what happens when they go idle, and whether different user roles should follow different session rules.

How does SSO Session Timeout work?

When a user logs in through SSO, the miniOrange SSO Session Management Addon starts a timer based on the duration set for that user's WordPress role. When the timer runs out, the session ends, and the user needs to sign in again through SSO. SSO session timeout can be set in seconds, minutes, hours, or days.

What is the difference between session timeout and idle timeout?

Session timeout ends a login after a fixed amount of time from when the user signed in, whether they are active or not. Idle session timeout only ends the session when the user stops interacting with the site for a period that the admin defines. An active user keeps their session going. An inactive user gets a warning message first, and if they do not respond, the session closes automatically.

Can I set a role-based session timeout for different users?

Yes. Role-based session timeout in the miniOrange Single Sign On Session Management Addon lets admins assign a different session duration to each WordPress user role. An administrator can get a 15-minute session, an editor can get eight hours, and a subscriber can get a full day. Each role follows its own rule automatically at login.

Can I enable Remember Me for SSO users?

Yes. Remember Me for SSO in the miniOrange Single Sign On (SSO) Session Management Addon keeps users signed in even after they close the browser. When they return to the site, they are already logged in without going through SSO again. Admins can turn this on for all SSO users, all non-SSO users, or limit it to specific roles like editors or authors only. When Remember Me is enabled, covered users get a fixed 14-day session. When it is turned off, the default or role-specific session time applies instead.

How does Persistent Login work with SSO?

Yes. Remember Me for SSO keeps selected users signed in after they close the browser. Admins can enable it for all SSO users, non-SSO users, or specific roles. Enabled users get a fixed 14-day session.

Want to Schedule a Demo?

mo-form

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Hello there!

Need Help? We are right here!

support