Session Timeouts
Configurable session timeouts allow you to enforce stricter security policies than PagerDuty's historical defaults (90 days for web, up to 5 years for mobile).
Availability
This feature is available only via API.
Timeout Types
You can define two types of timeouts for both web and mobile sessions.
Idle Timeout
Automatically logs out users after a specified period of inactivity, protecting against unauthorized access when users step away from their devices. You can set this value between 60 seconds and 180 days.
Absolute Timeout
Defines the maximum duration a session can remain active since login, regardless of user activity. This ensures regular re-authentication and reduces exposure from potentially compromised sessions. You can set this value between 10 minutes (600 seconds) and 210 days (18,144,000 seconds).
Default Values
Unless you configure custom values, the following defaults apply to your account:
Idle timeout: 15 minutes
Absolute timeout: 1 hour
The defaults apply to both web and mobile sessions.
Note
Accounts created before March 02, 2026 keep their existing timeout settings unless explicitly modified. The defaults apply to new accounts as of March 02, 2026 only.
Key Behaviors
New vs. Existing Sessions
When you configure session timeouts, the new values take effect immediately for all new logins. Additionally, all existing sessions of the specified type (mobile, web, or both) are immediately revoked, requiring users to log in again with the new timeout policies in effect.
Scope
Session timeouts apply account-wide to all users. Role-based or user-specific timeout configurations are not supported.
Integrations
Session timeouts do not apply to integrations (such as Jira, Slack, etc.), which continue to use their predefined timeouts.
Configuring Session Timeouts
Session timeouts are configured via the PagerDuty API. You'll need admin or account owner permissions to make changes.
For complete API documentation, including authentication requirements, request examples, and response formats, see:
- Get Session Configurations - View your current settings
- Configure Session Timeouts - Create or update timeout policies
- Delete Session Configurations - Revert to default values
Updated about 3 hours ago