Question

Redirect to different login page after session timeout for specific users

0

Hello Experts, In Mendix, when a user session times out, the app redirects to the Login page configured in Navigation. I need to redirect specific users to a different custom login page after session timeout, while other users should still go to the default login page. Is there any supported way to do a login page redirect on session timeout?If not, what is the recommended pattern.

asked 2026-01-17

Pragadeesh Boopathi

3 answers

Ahmet Kudu · Answer 1 · 2026-01-18

There doesn’t seem to be a clear or supported way to redirect users to different login pages directly after a session timeout.

My recommendation is to use a single login page in Navigation. When this login page is opened, you can check the URL and see whether it differs from a normal login (for example, by the presence of additional parameters or values). If such a difference is detected, you can treat it as a forced login caused by a session timeout. After the user logs in successfully, a microflow can then be used to route the user to the appropriate page based on their role or user type.

Nick Meuter · Answer 2 · 2026-01-19

There is a widget called idle timer, maybe this one can help you

Mohammad Abdul Ghafour · Answer 3 · 2026-01-21

Hi Pragadeesh,

There is a workaround you can use with cookies to handle conditional redirects after session timeout.

Post-login landing page:

Redirect all users to a specific landing page immediately after login.
On this page, run a nanoflow event that executes a JavaScript action to set a cookie.

Example JS: document.cookie = "loginTarget=internal; path=/; SameSite=Lax";

Here, you can set the value based on the user type, e.g., 'internal' or 'external'.
The cookie will remain alive while the browser is open.
You can also add attributes like max-age to control the cookie lifetime if needed.
After the JS finishes, you can perform a role-based redirect to navigate the user to their actual home page.

This approach ensures that the JS runs only once after login, while also capturing the user type for handling redirects after session timeout.

Login page behavior after logout or session timeout:

On the login page, run an event (e.g., via nanoflow + JS action) to read the cookie: const loginTarget = document.cookie .split("; ") .find(row => row.startsWith("loginTarget=")) ?.split("=")[1];
This will return the value you stored ('internal' or 'external').
Depending on this value, you can either:
- Keep the user on the default login page, or
- Redirect them to another custom login page.

Why this works:

Cookies are persistent, even after logout or session timeout.
You don’t rely on the session, which is already deleted on timeout and cannot be caught.
You can safely control the post-login and post-timeout redirect based on the cookie value.

I hope this works for you, and let me know if you have any questions.