A policy for single sign-on can help you control a temporary duration for SSO before the user must re-authenticate. Or enforce multi-factor authentication (MFA) for all logins.

How to apply the rule globally

The SSO rule set as globally will apply to all users.

NOTE: Only 1 SSO rule is allowed.

1. From the dashboard, click Policies.
2. Click the Add New Policy.
3. Click Single Sign-On (SSO) Reset Frequency.
4. Use the slider to define the rule.
   1. To Always Require MFA. Move the slider all the way to the left.
   2. To expire SSO after a period. Move the slider based on your organizations’ rules. Anywhere between 1 to 7 days.
      
5. Click Add Rule.

It is recommended that if the SAML capable web application allows you to configure a session timeout. You match it to the policy defined within your Evo Portal.