DigiCert® Trust Lifecycle Manager caches SAML authenticated sessions for up to 30 minutes. After 30 minutes, you need to re-authenticate against your SAML IdP.
The SAML session key is treated as unique, to prevent malicious users from reusing the SAML response.
All SAML IdP assertions must be digitally signed.
Was this helpful?