Single Sign-On

The SAML2 gateway also supports global sessions, which is a necessary feature for Single Sign-On. The SP may register any number of applications and any number of “session domains” in the configuration on Signicat’s side. A session domain describes the rules for global user sessions and defines which applications participate in the session. An application can participate in only one session domain at a time.

When a user has authenticated with a strong e-ID and a session has been created, (s)he may access all applications participating in the same session domain without a new e-ID authentication. The user session is valid until (s)he explicitly logs out or the session times out.

The timeout rules are defined in the session domain. If the session for a user times out, then (s)he is automatically logged out from all applications belonging to the same session domain.
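The session-domain rules above can be modelled in a few lines. This is an added illustration, not Signicat's implementation or configuration format: the class, method and application names are hypothetical, and the timeout is assumed to be a sliding idle timeout.

```python
import secrets

class SessionDomain:
    """Hypothetical model of a session domain: member apps plus an idle timeout."""
    def __init__(self, name, idle_timeout_s):
        self.name, self.idle_timeout_s = name, idle_timeout_s
        self.apps = set()

class Gateway:
    def __init__(self, clock):
        self.clock = clock            # injected so timeouts can be tested offline
        self.app_domain = {}          # app -> SessionDomain (one domain per app)
        self.sessions = {}            # session id -> (user, domain, last_seen)

    def register(self, app, domain):
        current = self.app_domain.get(app)
        if current is not None and current is not domain:
            raise ValueError(f"{app} already participates in {current.name}")
        self.app_domain[app] = domain
        domain.apps.add(app)

    def authenticate(self, user, app):
        """Called after a successful e-ID authentication for `app`."""
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = (user, self.app_domain[app], self.clock())
        return sid

    def may_access(self, sid, app):
        """True if the global session covers `app` without re-authentication."""
        entry = self.sessions.get(sid)
        if entry is None:
            return False
        user, domain, last_seen = entry
        if self.clock() - last_seen > domain.idle_timeout_s:
            del self.sessions[sid]    # timed out: gone for every app in the domain
            return False
        if self.app_domain.get(app) is not domain:
            return False              # other domain: needs its own authentication
        self.sessions[sid] = (user, domain, self.clock())
        return True

    def logout(self, sid):
        self.sessions.pop(sid, None)  # explicit logout ends the global session
```

An application outside the session's domain is refused even while the session is live, which is the boundary to verify when grouping applications of different sensitivity into one domain.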

