spec checked
W3C WCAG 2.2 Understanding Success Criterion 2.2.5: Re-authenticating
Documents preserving user activity and data through re-authentication, reinforcing that exit and session-boundary warnings should protect context rather than merely announce loss.
Pattern Decisions This Source Supports
| Pattern | Supported decision | Required contract | Claim note |
|---|---|---|---|
| Exit warning | Choose exit warning when departure has already been attempted and leaving would lose work or context that is not safely recoverable. | The warning appears only after a departure attempt or immediately before a known session boundary that could cause loss. | W3C documents preserving user activity after re-authentication. |
| Session timeout | Choose session timeout when the authenticated session has already expired or been terminated and the next valid path is sign-in, reauthentication, restart, or safe task restoration. | The timeout state is driven by server or identity-provider session validity, not by a cosmetic client-only overlay. | Supports reauthentication recovery without loss of user activity or data. |
| Session timeout warning | Choose session timeout warning when the session is approaching an inactivity, absolute, device-lock, or reauthentication boundary that can interrupt authenticated work. | The warning is driven by the authoritative session or identity state, not only a local countdown. | W3C documents preserving user activity after reauthentication. |
Evidence Role
This source is treated as spec evidence. Use it to validate the decision rules above, not as a visual style reference.
Publisher: World Wide Web Consortium. Last checked: .