Applies To:

GroupID 8 and above - Self-Service & Password Center portals

Business Scenario:

By default, if a Self-Service or Password Center portal is left idle for 20 minutes, the session ends. When the user clicks any link, he or she is redirected to the Login page to provide the credentials again.

You may want to increase or decrease the default session timeout settings for ease of use or security concerns. Larger intervals provide ease of use but compromise security and vice versa.


The sessiontimeout value key can be changed in the web.config file of a portal. If you have multiple portals, remember to change the value in each portal's respective web.config file.

The file is available at the following location for the respective portals:

Self Service portal:

C:\Program Files\Imanami\<GroupID_version>\SelfService\Inetpub\<portal_name>\Web

Password Center User portal:

C:\Program Files\Imanami\<GroupID_version>\PasswordCenter\Inetpub\<portal_name>\Web

Password Center HelpDesk portal:

C:\Program Files\Imanami\<GroupID_version>\PasswordCenter\HelpDesk\Inetpub\<portal_name>\Web

Open the web.config file with a text editor, search <appSettings> and look for <add key="sessiontimeout" value="20" /> under it. Provide the value in minutes here. If the key does not exist, add the line and save the changes.


Microsoft Developer Network: Session.Timeout