Skip to main content
Published: August 12 2009, 12:55:00 PMUpdated: November 28 2020, 7:42:59 PM

What are the best practices for user session timeout management?

 Summary

   In general you should set some timeout in your application to whatever you feel comfortable with, here are some guidelines.

    Question :  Should we show an error when my Open eBay Apps session timeout?
    Answer:     Once session timeout is reached- present a message for the user to refresh the page 

    Question :  Is there a way to tell that our Open eBay Apps is inside the ebay iframe?
    Answer:     Of course, your application would not get st, sig, and sp Render URL parameters if it was not.


    Question:  How long should our session expires? If we know we are running inside eBay WebTop iframe , can we leave a user session overnight?
    Answer:    You can trust eBay's authentication, but overnight is too long. The best practice is to set session timeout for 1 hr or several hours, then have the user do a page refresh.

   

How well did this answer your question?
Answers others found helpful