Configurable session timeouts allow you to enforce stricter security policies than PagerDuty's historical defaults (90 days for web, up to 5 years for mobile).

📘

Availability

This feature is available only via API.

Timeout Types

You can define two types of timeouts for both web and mobile sessions.

Idle Timeout

Automatically logs out users after a specified period of inactivity, protecting against unauthorized access when users step away from their devices. You can set this value between 60 seconds and 180 days.

Absolute Timeout

Defines the maximum duration a session can remain active since login, regardless of user activity. This ensures regular re-authentication and reduces exposure from potentially compromised sessions. You can set this value between 10 minutes (600 seconds) and 210 days (18,144,000 seconds).

Default Values

Unless you configure custom values, the following defaults apply to your account:

Idle timeout: 15 minutes
Absolute timeout: 1 hour

The defaults apply to both web and mobile sessions.

🚧

Note

Accounts created before March 02, 2026 keep their existing timeout settings unless explicitly modified. The defaults apply to new accounts as of March 02, 2026 only.

Key Behaviors

New vs. Existing Sessions

When you configure session timeouts, the new values take effect immediately for all new logins. Additionally, all existing sessions of the specified type (mobile, web, or both) are immediately revoked, requiring users to log in again with the new timeout policies in effect.

Scope

Session timeouts apply account-wide to all users. Role-based or user-specific timeout configurations are not supported.

Integrations

Session timeouts do not apply to integrations (such as Jira, Slack, etc.), which continue to use their predefined timeouts.

Configuring Session Timeouts

Session timeouts are configured via the PagerDuty API. You'll need admin or account owner permissions to make changes.

For complete API documentation, including authentication requirements, request examples, and response formats, see:

• Get Session Configurations - View your current settings
• Configure Session Timeouts - Create or update timeout policies
• Delete Session Configurations - Revert to default values