Session Timeout Warning Modal
NFR System Overlay — fires at T-60s and T-30s · SRS §8.1 FR-57
1 2
State A · T-60s First Warning
⚠️
Session Expiring
60
seconds remaining
First warning fires at T-60s idle
3
State B · T-30s Urgent Warning
🚨
Session Expiring!
30
seconds remaining
⚠ Unsaved data will be lost
Second warning at T-30s · Red urgency
5
State C · Auto-Logout Toast
🔒
Session Expired
Your session expired due to inactivity. Please log in again.
Log In Again → SCR-04
Shown on SCR-04 after auto-logout
4 6
47
Your session is expiring
You'll be automatically logged out in 47 seconds due to inactivity. Any unsaved changes may be lost.
Session timeout: 5 min · Configurable in SCR-39 · SRS §8.1 FR-57
6

⚙️ Configuration & Open Point OP-12

Default: 5-minute idle timeout (FR-57)
Admin-configurable: SCR-39 Platform Config → Security & Session tab
Warning fires: T-60s (amber) and T-30s (red)
⚠️ Open Point OP-12: Confirm with client whether the 5-minute timeout applies globally to all screens or only to sensitive screens (payment SCR-09, KYC SCR-03/SCR-26). Sensitive-only mode would improve UX on browsing screens while still protecting financial flows. SRS §8.1 FR-57; SCR-39; Open point OP-12

Wireframe Annotations — SCR-36 · Session Timeout Warning Modal

P
Persona: All Roles (Session About to Expire) — Overlay shown to any logged-in user idle near the session timeout threshold. Especially critical during payment (SCR-09) or form entry (SCR-08) to prevent data loss — page content is visible but not interactive behind the overlay. SRS §8.1 FR-57
1
Timeout Warning Modal Overlay — Semi-transparent full-page backdrop with centred modal. First warning fires at T-60 seconds before expiry. Second fires at T-30 seconds. Backdrop blocks interaction with page content beneath but keeps it visible. SRS §8.1 FR-57
2
Countdown Timer — Large countdown number (seconds) with SVG progress ring. Real-time update. T-60s: amber; T-30s: red. Text: 'Your session will expire in [X] seconds due to inactivity.' SRS §8.1 FR-57
3
Stay Logged In CTA — Primary orange button. On click: session idle timer resets to full configured duration (default 5 min). Modal closes. User returns to current screen with all state preserved — critical for SCR-08/SCR-09 form data. SRS §8.1 FR-57
4
Log Out Now Option — Secondary button. On click: session ends immediately. User redirected to SCR-04 Login. Warning text shown below button: 'Any unsaved form data will be lost.' SRS §8.1 FR-57; §7.1 FR-4
5
Auto-Logout on No Action — If neither button is clicked: session auto-expires. User redirected to SCR-04 with informational toast: 'Your session expired due to inactivity. Please log in again.' SRS §8.1 FR-57
6
Configuration Note + OP-12 — Default 5-minute timeout. Admin-configurable in SCR-39 Security tab. Open Point OP-12: confirm with client whether timeout is global or sensitive-screens-only (payment/KYC). SRS §8.1 FR-57; SCR-39; Open point OP-12
← Previous
Screen 36 of 40 · Session Timeout Warning Modal
All Roles · Session Expiring
Next →