Focus Without Distraction: Newly Extended Blackbaud ID Inactivity Timeout!
Upon further review, they determined that PCI DSS requires only an “appropriate” — not a set 15 minutes — timeout for those using Blackbaud ID-supported solutions. Based on conversations with customers and key stakeholders across multiple solutions, they identified 90 minutes as an appropriate inactivity timeout. As a result, Blackbaud ID now times out after 90 minutes of inactivity instead of 15!
Has the timeout been extended for Blackbaud hosted solutions (eg RE7) or Raiser’s Edge or Financial Edge NTX’s Database View?
Not yet. We intend to extend the timeout beyond 15 minutes for other Blackbaud experiences. This would include Raiser’s Edge NXT & Financial Edge NXT Database View. We will be rolling out updates in time. Exact timing is to be determined, however we will keep the communities posted as the release details unfold.
What happens if I use single sign-on (SSO) through Blackbaud ID and the inactivity timeout/time-to-live (TTL) of my identity provider (IdP) is less than 90 minutes?
Your Blackbaud ID automatically signs out after 90 minutes of inactivity, regardless of your IdP's TTL.
Does SSO through Blackbaud ID support single log-out (SLO)?
Blackbaud ID's SSO capability doesn't currently support SLO. To completely sign out, sign out of both your Blackbaud ID and your IdP separately.
Thanks for your time (including the extra 75 minutes)!