There are three approaches in Pega Platform to achieve "timeouts" as far as I know. Can anyone please explain when to use one approach over the others? I am excluding requestor timeouts in this topic as it is irrelevant.
(1) Access Group timeouts (Specify seconds in access group rule form)
(2) pxSessionTimer (Include @baseclass.pySessionTimer section at the bottom of pyPortalHeader section)
(3) Authentication Activity (Write a custom activity and reference it from Authentication Service rule form)
If you use Access Group timeout, the session will end with out any notification on the UI. The log out will not happen automatically. But when user clicks on any component in UI, then he will get logged out and user will see login screen. The timer runs on server side.
If you use pxSessionTimer, There will be an warning Model Window which shows up before logging out. Once the time is up, user will automatically logged out of the session and user will see the login screen. One drawback is, this will not work if the user goes sleep or hibernate, as the script timer just paused on hibernate or sleep. The script timer will be resumed once the system is active again. The timer runs on client side.