Timeout is important session state setting in the web.config file. It specifies the number of minutes that ASP.NET will wait, without receiving a request, before it abandons the session.

C# 8.0 and .NET Core 3.0 – Modern Cross-Platform Development: Build applications with C#, .NET Core, Entity Framework Core, ASP.NET Core, and ML.NET using Visual Studio Code, 4th Edition
ASP.NET Core 3 and Angular 9: Full stack web development with .NET Core 3.1 and Angular 9, 3rd Edition
C# in Depth, 4th Edition


<?xml version=”1.0” encoding=”utf-8” ?>
     <!— other settings are omitted. —>
        cookieless=”AutoDetect” cookieName=”ASP.NET_SessionID”
        sqlConnectionString=”data source=;Integrated Security=SSPI”
        sqlCommandTimeout=”30” allowCustomSqlDatabase=”false”


This parameter is one of the most important, because a difference of minutes can have an impressive effect on the load of the web server and performance of the web application. Ideally, software developer should choose a timeframe that is short enough to allow the server to recover valuable memory after a client stops using the application but long enough to allow a client to pause and continue session without losing it.

Software developer can also programmatically change the session timeout in code:

Session.Timeout  = 15;