I'm not sure why you want such a short timespan for this as the web session doesn't really take up much if any in terms of resources, so that's why it's set at a default of 240. But in any case, I believe that the limit set via tabadmin is not down to an exact minute as Tableau Server has internal cleanup processes that are activated once every 20 minutes. You can view this under the built-in admin reports (background tasks for non-extracts), and look for "purge expired wg sessions". So if the wgsession expired at let's say 8:05am, and the cleanup process runs at 8am, then again at 8:20am, then the wg session gets a 15 minute grace.
It's got nothing to do with resources or the internal cleanup processes. I am simply looking for Idle session of any user logged-in to be killed (log out of Tab Server) if it crosses 15 minute mark. This is one of the requirements that I need to meet. Is there not a solution for it? Not looking to kill any other processes that Tableau Server is running in background including "purge expired wg sessions" for cleanup process - these can remain active.
I'm not 100% certain on this, but if you're using SAML I believe you'll need to modify the "maxAuthenticationAge" value on the IdP side of things and make sure it matches the wgserver.saml.maxauthenticationage value on the Tableau Server side.
tabadmin set wgserver.session.idle_limit 15
tabadmin set wgserver.session.lifetime_limit 120
tabadmin set wgserver.session.apply_lifetime_limit true
You need to set lifetime_limit to false, otherwise what you do is you set session limit to 15 minutes, then you change the lifetime session limit to 120 minutes and finally you force the server to use lifetime limit instead of the 15 minutes you set earlier.