Users are frequently logged out from the Atlassian Data Center or Server application after some time of inactivity.


Adjusting the Session Timeout

The session timeout defines the duration of inactivity of the session and there is a default configured value for it. If this is not the desired interval, the session timeout value could be adjusted in the web.xml file. 
The file is usually located in the following path:

  • Jira Server & Data Center: <JIRA_INSTALL>/atlassian-jira/WEB-INF/web.xml
  • Confluence Server & Data Center: <CONFLUENCE_INSTALL>/confluence/WEB-INF/web.xml
  • Bitbucket Server & Data Center: <BITBUCKET_INSTALL>/conf/web.xml
  • Bamboo Server: <BAMBOO_INSTALL>/atlassian-bamboo/WEB-INF/web.xml
  • Fisheye-Crucible: <FishEye home directory>/content/WEB-INF/web.xml

Find the below element and adjust its value (specified in minutes)



In Bitbucket this is handled differently:

Bitbucket Server 5.0

Starting with Bitbucket Server 5.0+, the configuration in web.xml is no longer used, and all changes are read from

Setting server.session.timeout=1800 in will adjust the default session timeout. This value is set in seconds.

Using the Atlassian RememberMe Cookie

You can use the SAML SSO RememberMe Cookie functionality. By enabling this functionality, a browser cookie (valid for 20 days) is created after an SSO login. This keeps the users logged in until they manually log out, which would remove the cookie.
However, please note that this contradicts the idea of SAML SSO, and should only be activated if required (e.g. in case the IdP cannot handle the number of login requests).

To enable it:

  • Go to the SAML Single Sign-On configuration page
  • Go to Advanced in the middle panel
  • Under Logged in Behavior section, mark the checkbox Set RememberMe Cookie 

There were a few cases where the Atlassian Bot Killer plugin was terminating sessions early but that issue has been worked fixed a while ago by us implementing a workaround.
Disabling the Bot Killer plugin could be a workaround if it's causing issues with the sessions being terminated, but again, it's rather unlikely to still happen.
Atlassian Bug Reference: