Tags: azure-active-directory, azure-web-app-service, azure-application-gateway, azure-appservice

How do I set the User Idle Timeout for Azure App Service?


I have an Application Gateway that sits in front of an Azure App Service.

When an end user logs in to the web application via a browser, I want the user to be signed out after X number of minutes of the session being idle - no user input.

The front-end users of the website are set up in Entra.

I found this article https://community.spiceworks.com/topic/2214761-azure-apps-user-auto-log-off-after-inactivity

I am not sure if the time-out can be set at the Azure App Service level and not at the Entra user level?


Solution

  • If you are using Azure AD Tokens, they are stateless by nature and hold their expiry within themselves. There is a feature (in preview) that allows you to configure the lifetime of these tokens that you could explore.

    But apart from that, you essentially have two options:

    1. Track idle time on the client-side JS code if possible, and auto-logout users
    2. Ensure the Access Token has its creation time in the last hour on the server side

    On the other end, if you are using your own tokens (and store), you can set up TTS rules for them to expire in an hour.
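
The two options listed in the answer, as an added example that is not part of the original answer or of any Microsoft sample. It assumes a Node.js back end and that the token's signature has already been validated before `tokenIsFresh` is called. The names `IdleTracker`, `watchIdle`, `tokenIsFresh` and `onLogout`, the 15-minute idle limit and the 5-minute clock-skew allowance are all hypothetical.

```javascript
// Added example. Assumed values: 15-minute idle limit ("X" in the question),
// 5-minute clock-skew allowance. The one-hour token age comes from the answer.
const IDLE_LIMIT_MS = 15 * 60 * 1000;
const MAX_TOKEN_AGE_MS = 60 * 60 * 1000;
const CLOCK_SKEW_MS = 5 * 60 * 1000;

// Option 1: remembers the last user input and reports when the limit is reached.
class IdleTracker {
  constructor(limitMs = IDLE_LIMIT_MS, now = Date.now) {
    this.limitMs = limitMs;
    this.now = now;
    this.lastActivity = now();
  }
  touch() { this.lastActivity = this.now(); }
  isIdle() { return this.now() - this.lastActivity >= this.limitMs; }
}

// Browser wiring. onLogout is a hypothetical callback that ends the session
// (for example by navigating to the app's sign-out URL).
function watchIdle(tracker, onLogout, doc = document, pollMs = 10 * 1000) {
  for (const ev of ['mousemove', 'keydown', 'click', 'scroll', 'touchstart']) {
    doc.addEventListener(ev, () => tracker.touch(), { passive: true });
  }
  const timer = setInterval(() => {
    if (tracker.isIdle()) { clearInterval(timer); onLogout(); }
  }, pollMs);
  return timer;
}

// Option 2 (server side): checks the iat claim of a JWT whose signature has
// ALREADY been validated upstream; this function does not verify signatures.
function tokenIsFresh(jwt, nowMs = Date.now(), maxAgeMs = MAX_TOKEN_AGE_MS) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) return false;
  let claims;
  try {
    const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
    claims = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  } catch {
    return false;
  }
  if (!claims || !Number.isInteger(claims.iat)) return false;
  const ageMs = nowMs - claims.iat * 1000;
  // A negative age means iat lies in the future; tolerate only small skew.
  return ageMs >= -CLOCK_SKEW_MS && ageMs <= maxAgeMs;
}
```

The client-side tracker can be bypassed by anyone who controls the browser, so the server-side check is the enforcing control. A token's creation time also says nothing about user activity, so it bounds session length rather than idle time.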