Re-logging In

Updated March 13th 2017

The idea of re-logging in relates to when you decide that a user has become idle for an appropriate length of time and therefore that they need to re-authenticate in order to login and continue to use your site.

A bank, for instance, would probably have a session timeout of as little as 5 minutes or even less, at which point, they would redirect the user to the login page.

An e-commerce site might allow a longer idle time of anything from 30 minutes to several hours.

The decision for this session timeout is site specific and is a risk vs convenience decision, if you have integrated PixelPin, then after your decided session timeout, you should redirect to PixelPin using the normal OpenID Connect flow. With most plugins/frameworks, this will happen automatically since the login page would be displayed.