The Max Authentication Session parameter in Single Sign-On settings specifies the maximum duration, in seconds,...

In Saviynt's SSO setup, the "Max Authentication Session" parameter determines the maximum duration of an SSO session within Saviynt, overriding any longer durations set by the Identity Provider (IdP).

Session Duration Logic: Saviynt's internal session timeout setting takes precedence over the IdP's session timeout. This ensures that Saviynt can enforce its own security policies regarding session lifetimes.

Why other options are incorrect:

B. 10,000 seconds: This is the IdP's session logout value, but Saviynt's "Max Authentication Session" setting overrides it.

C. 3600 seconds: This is the default value, but the question specifies a configured value of 5000 seconds.

Saviynt IGA References:

Saviynt Documentation: The documentation for configuring SSO settings within Saviynt explains the "Max Authentication Session" parameter and its impact on session duration.

Saviynt Best Practices: Saviynt's best practices for SSO often recommend aligning session timeouts between the IdP and Saviynt to avoid confusion and potential security gaps.