Problem Statement
How much time does it take for the state parameter to expire?
Solution
The state length/validation is controlled by the session lifetime settings (See Configure Session Lifetime Settings ), specifically the Require log in after
and Inactivity timeout
.
The maximum lifetime
for inactive sessions is 3 days (72 hours) for Developer or Developer Pro or 100 days (2,400 hours) for enterprise plans.
The Require log in after
is the timeframe (in minutes) after which a user will be required to log in again, regardless of their activity. Will be superseded by system limits if over 43,200 minutes (30 days) for Developer or Developer Pro or 525,600 minutes (365 days) for enterprise plans.