An inactivity timeout is a security measure to ensure that users do not stay logged in after extended inactivity.
Any API request is considered activity, which includes page views, edits, adding an attachment, changing a content ID, creating a user, etc. The only activity not registered with the inactivity timeout is logging out.
When a cookie is set within MindTouch, it is set to 7 days by default. When activity is detected, the session is extended but still capped at 7 days from when the cookie was originally set.