Wednesday, 1 June 2011

Powershell - Security Token Timeout

A requirement of a recent project was to modify the time out of the security token for claims based authentication users.
  • Open SharePoint Powershell window
  • Run cmdlet:  Get-SPSecurityTokenServiceConfig

  • Run cmdlet:  Set-SPSecurityTokenServiceConfig -FormsTokenLifetime 5

Parameter FormsTokenLifetime specifies in minutes the length of time the security token for a forms based authentication user will remain active.

WindowsTokenLifetime performs a similar job for windows authentication users.


  1. Do you know what the impact of shortening these values is? Presumably, if a user leaves their browser idle, it will effectively log the user out. But if the user remains active, they wont notice right?
    How is this different from the SP session timeouts?