ZTrust Documentation
  • User Manual - ZTrust V3.0
    • Key Terminologies
    • Guide to Navigation
      • Clients
        • Clients List
        • Initial Access Token
        • Client Registration
      • Client Scopes
      • Realm Roles
      • Users
      • Groups
      • Sessions
      • Events
        • User events
        • Admin events
      • Realm Settings
        • General
        • Login
        • Email
        • Themes
        • Keys
        • Events
        • Localization
        • Security Defenses
        • Sessions
        • Tokens
        • Client Policies
        • User profile
        • User Registration
      • Authentication
        • Flows
        • Required Actions
        • Policies
      • Identity Providers
      • User Federation
    • Admin Manual
      • Creation of a Realm
      • Creation of a User
        • Login to Account Console
      • How to set up Password Invalidator
      • How to set up Password Policies
      • How to set up Brute Force Detection feature
      • How to enable the One-to-Many feature
      • How to set up Multi-Factor Authentication
        • Setup of ReCAPTCHA registration flow
        • Setup of ReCAPTCHA login flow
        • Setup of OTP Based Registration
        • Setup of OTP Based Login
        • Setup of QR Code Based Authentication
        • Setup of Push Notification Based Authentication
        • Setup of Biometric based Authentication
        • How to set-up 2FA Authentication
      • ZTrust Authenticator App
      • Self-Service Portal (SSP)
        • Authenticator Setup from Self-Service Portal
        • Set Your Profile Photo in Self-Servicce Portal
      • How to setup Session Invalidator feature
      • How to setup GDPR Compliant feature
      • How to set up Social Media login
      • How to setup Inactive User Tracking feature
      • How to setup Archive Inactive User feature
      • Role-Specific Attribute Based Access Control at client level
      • Self-Role Request at the Business Level
      • Self-Role Request at the Application Level
      • How to setup Delete Archived/Inactive User feature
      • Reporting Module
      • Geo Tagging and Fencing
      • Event Type
  • Release Notes
    • ZTrust V3.1.0
    • ZTrust V3.0.0
    • ZTrust V2.1.0
    • ZTrust V2.0.1
    • ZTrust V2.0.0
    • ZTrust V1.0.4
    • ZTrust V1.0.3
    • ZTrust V1.0.2
    • ZTrust V1.0.1
    • ZTrust V1.0.0
  • Frequently Asked Questions
  • User Manual - ZTrust V2.0
    • Key Terminologies
    • Guide to Navigation
      • Clients
        • Clients List
        • Initial Access Token
        • Client Registration
      • Client Scopes
      • Realm Roles
      • Users
      • Groups
      • Sessions
      • Events
        • User events
        • Admin events
      • Realm Settings
        • General
        • Login
        • Email
        • Themes
        • Keys
        • Events
        • Localization
        • Security Defenses
        • Sessions
        • Tokens
        • Client Policies
        • User profile
        • User Registration
      • Authentication
        • Flows
        • Required Actions
        • Policies
      • Identity Providers
      • User Federation
    • Admin Manual
      • Creation of a Realm
      • Creation of a User
        • Login to Account Console
      • How to set up Password Invalidator
      • How to set up Password Policies
      • How to set up Brute Force Detection feature
      • How to enable the One-to-Many feature
      • How to set up Multi-Factor Authentication
        • Setup of ReCAPTCHA registration flow
        • Setup of ReCAPTCHA login flow
        • Setup of OTP Based Registration
        • Setup of OTP Based Login
        • Setup Time-based One-Time Password (TOTP) Based Login
        • Setup of QR Code Based Authentication
        • Setup of Push Notification Based Authentication
        • Setup of Biometric based Authentication
        • How to set-up 2FA Authentication
      • How to setup Session Invalidator feature
      • How to setup GDPR Compliant feature
      • How to set up Social Media login
      • How to setup Inactive User Tracking feature
      • How to setup Archive Inactive User feature
      • How to setup Delete Archived/Inactive User feature
      • Role-Specific Attribute Based Access Control at client level
      • Reporting Module
      • Geo Tagging and Fencing
      • Event Type
  • User Manual - ZTrust V1.0
    • Guide to Navigation
      • Realm Settings
        • General
        • Login
        • Keys
        • Email
        • Themes
        • RabbitMQ Config
        • Localization
        • Cache
        • Tokens
        • Client Registration
        • Client Policies
        • Security Defenses
      • Clients
      • Client Scopes
        • Default Client Scopes
      • Roles
        • Realm Roles
        • Default Roles
      • Identity Providers
      • User Federation
      • Authentication
        • Flows
        • Bindings
        • Required Actions
        • Password Policy
        • OTP Policy
        • WebAuthn Policy
        • WebAuthn Passwordless Policy
        • CIBA Policy
      • Groups
        • Default Groups
      • Users
      • Sessions
        • Realm Sessions
        • Revocation
      • Events
        • Login Events
        • Admin Events
        • Config
      • Import
      • Export
    • Admin Manual
      • Creation of a Realm
      • Creation of a User
        • Login to Account Console
      • How to set up Password Invalidator
      • How to set up Password Policies
      • How to set up Brute Force Detection feature
      • How to enable the One-to-Many feature
      • How to set up Multi-Factor Authentication
        • Setup of ReCAPTCHA registration flow
        • Setup of ReCAPTCHA login flow
        • Setup of OTP Based Registration
        • Setup of OTP Based Login
        • Setup of QR Code Based Authentication
        • Setup of Push Notification Based Authentication
        • Setup of Biometric based Authentication
      • How to setup Session Invalidator feature
      • How to setup GDPR Compliant feature
      • How to set up Social Media login
      • How to setup Inactive User Tracking feature
      • How to setup Archive Inactive User feature
      • How to setup Delete Archived/Inactive User feature
Powered by GitBook
On this page
  1. User Manual - ZTrust V1.0
  2. Admin Manual

How to setup Session Invalidator feature

PreviousSetup of Biometric based AuthenticationNextHow to setup GDPR Compliant feature

Last updated 1 year ago

This feature invalidates all prior sessions once the user logs in from a new device or location, ensuring that only the current session remains active. It also enhances the security as well.

Follow the below steps to set up Session Invalidator feature

  1. Login to ZTrust Admin Console.

  2. Click on Authentication.

  1. Click on Copy and create a copy of Browser Flow.

  1. Provide any name. For example - Session Invalidation and click on OK.

  1. Delete all except the Session Invalidation Forms.

  1. Click on Add execution.

  1. Click on dropdown for Provider and select - Advanced Session Invalidator.

Field Name
Mandatory (Yes/No)
Field Type
Description

Provider

Yes

Dropdown

Enter the configuration that is needed.

  1. Click on Save.

  2. For Advanced Session Invalidator, make the requirement as Required.

  1. For Advanced Session Invalidator, click on Actions and then Config.

  1. Mention the MAX Allowed session per user as 1. Enter the other details as required.

  1. Click on Save.

  2. Click on Bindings.

Field Name
Mandatory (Yes/No)
Field Type
Description

Browser Flow

Yes

Dropdown

Select the process flow as required during Logging in

Registration Flow

Yes

Dropdown

Select the process flow as required during user registration

Direct Grant Flow

Yes

Dropdown

Select the process flow as required during

Reset Credentials

Yes

Dropdown

Select the flow as required during the credentials reset process

Client Authentication

Yes

Dropdown

Select the flow which you want to use for the Client Authentication flow

  1. Click on Browser Flow and select Session Invalidation from the dropdown.

  1. Click on Save.

Session Invalidation feature is configured now.