Configuring the Automatic Sign-Out in S/4HANA Cloud
In the past we have had issues with the server signing out users from S/4 HANA Cloud, when they access custom Cloud Neo Platform Apps that is opened in a new browser window. The user was seen to not be active in the system therefore automatically signed out after 30 minutes.
As of version 1911 new functionality is available to set the auto-logout time. The launchpad now offers two different methods to specify how the automatic sign-out should be handled – Server driven sign-out or UI driven sign-out. SAP recommends that only one of these methods be used, not both.
For this purpose, a new Business catalog: SAP_CORE_BC_UI is available. This new business catalog is added to the SAP template business role: SAP_BR_ADMINISTRATOR.
The new business catalog adds a new group User Interface Configuration and a new App tile Manage Launchpad Settings.
This new App will allow you to maintain 12 different launchpad settings. For our purpose though, the parameters for configuring the automatic sign-out is relevant:
For Server driven sign-out:
Keep in mind that the server timeout is set to 30 minutes (default). We can now use the parameter SESSION_TIMEOUT_STOP_DATA_REFRESH to work with the ABAP-server driven sign-out. Here we can set the time a user has to be inactive before applications (e.g. dynamic tiles or notifications) stop sending polling requests for refreshing data.
This is necessary because as long as the client sends requests, the server will not terminate the session. After the client has stopped sending requests the server session-side timeout (30min) will apply. For example: If you set 15 minutes for SESSION_TIMEOUT_STOP_DATA_REFRESH and the server timeout is set to 30 minutes, the launchpad session will be ended after 45 minutes of inactivity.
Alternatively, you can use UI driven sign-out:
You define the times for automatic sign-out with two parameters:
Use the parameter SESSION_TIMEOUT_INTERVAL_IN_MINUTES to enter the timeout period in minutes for the session timeout. If you enter -1, you disable the automatic sign-out. This is the default setting.
With the parameter SESSION_TIMEOUT_REMINDER_IN_MINUTES you can set the time when a popup window reminding the user of the automatic sign-out will be displayed.
The downside of using this method is that idle time needs to be monitored across several open browser tabs. Therefore, each user must enable localStorage or DOMStorage browser settings, depending on the browser used.
You will have to determine which of the two methods is best suited to your environment to achieve the balance between security policy and user convenience.
Please see SAP Fiori Launchpad for S/4HANA Cloud documentation for information here: