diff --git a/README.md b/README.md
index 7b2067fc2dce7caf8dfebffdb728cae0a05ff610..3bfde16e14ba5284e58b9b339dca24fc7ca30f6c 100755
--- a/README.md
+++ b/README.md
@@ -46,6 +46,8 @@ Use this filter to read user mfa tokens from PrivacyIDEA server to state attribu
         ],
         'user_attribute' => 'eduPersonPrincipalName',
         'token_type_attr' => 'type',
+        //'connect_timeout' => 10, // optional, connect timeout in seconds
+        //'timeout' => 10, // optional, timeout in seconds
     ],
 ],
 ```
diff --git a/lib/Auth/Process/GetMfaTokensPrivacyIDEA.php b/lib/Auth/Process/GetMfaTokensPrivacyIDEA.php
index fa2c2a13ff79a79eb1765438cffe2de4d84ad642..b3f272f7dd83427bcc854cbbbb456a72cc62a59d 100644
--- a/lib/Auth/Process/GetMfaTokensPrivacyIDEA.php
+++ b/lib/Auth/Process/GetMfaTokensPrivacyIDEA.php
@@ -16,6 +16,10 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
     private const AS_PI_AUTH_TOKEN = 'auth_token';
     private const AS_PI_AUTH_TOKEN_ISSUED_AT = 'auth_token_issued_at';
 
+    private $connect_timeout = 0;
+
+    private $timeout;
+
     private $tokens_attr = 'mfaTokens';
 
     private $privacy_idea_username;
@@ -41,6 +45,8 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
         parent::__construct($config, $reserved);
 
         $config = Configuration::loadFromArray($config['config']);
+        $this->connect_timeout = $config->getInteger('connect_timeout', $this->connect_timeout);
+        $this->timeout = $config->getInteger('timeout', $this->timeout);
         $this->tokens_attr = $config->getString('tokens_Attr', $this->tokens_attr);
         $this->privacy_idea_username = $config->getString('privacy_idea_username');
         $this->privacy_idea_passwd = $config->getString('privacy_idea_passwd');
@@ -106,6 +112,10 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
         }
 
         $ch = curl_init();
+        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->connect_timeout);
+        if (null !== $this->timeout) {
+            curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
+        }
         curl_setopt($ch, CURLOPT_URL, $this->privacy_idea_domain . '/auth');
         curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
         $paramsJson = json_encode($data);
@@ -127,6 +137,10 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
     private function getPrivacyIdeaTokensByType($state, $type, $admin_token)
     {
         $ch = curl_init();
+        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->connect_timeout);
+        if (null !== $this->timeout) {
+            curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
+        }
         curl_setopt($ch, CURLOPT_URL, $this->privacy_idea_domain . '/token/?user=' .
             $state['Attributes'][$this->user_attribute][0] . '&active=True&type=' . $type);
         curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');