AuthPoint Session Timeout
We used the excellent Configuration guide (see https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/WordPress-saml_authpoint.html ) to set up a customer's WordPress website.
During Acceptance Testing, we noticed that the AuthPoint session on the browser seems to have a very long (might be up to 2 weeks) timeout. When we press the AuthPoint login a second time, it goes straight into WordPress without prompting for the PUSH or OTP. The obvious problem is that you can't change users on the same PC without deleting the session cookie on the browser - a risky proposition on a shared PC.
I suspect that the problem is related to the "logout" function in within wp-login.php of WordPress. That is, it logs out of WordPress, but does not log out of AuthPoint.
Adrian from Australia