ZTrust Documentation

User Manual - ZTrust V3.0
Release Notes
Frequently Asked Questions
User Manual - ZTrust V2.0
User Manual - ZTrust V1.0
- Guide to Navigation
  Realm Settings
  General
  Login
  Keys
  Email
  Themes
  RabbitMQ Config
  Localization
  Cache
  Tokens
  Client Registration
  Client Policies
  Security Defenses
  Clients
  Client Scopes
  Default Client Scopes
  Roles
  Realm Roles
  Default Roles
  Identity Providers
  User Federation
  Authentication
  Flows
  Bindings
  Required Actions
  Password Policy
  OTP Policy
  WebAuthn Policy
  WebAuthn Passwordless Policy
  CIBA Policy
  Groups
  Default Groups
  Users
  Sessions
  Realm Sessions
  Revocation
  Events
  Login Events
  Admin Events
  Config
  Import
  Export
- Admin Manual
  Creation of a Realm
  Creation of a User
  Login to Account Console
  How to set up Password Invalidator
  How to set up Password Policies
  How to set up Brute Force Detection feature
  How to enable the One-to-Many feature
  How to set up Multi-Factor Authentication
  Setup of ReCAPTCHA registration flow
  Setup of ReCAPTCHA login flow
  Setup of OTP Based Registration
  Setup of OTP Based Login
  Setup of QR Code Based Authentication
  Setup of Push Notification Based Authentication
  Setup of Biometric based Authentication
  How to setup Session Invalidator feature
  How to setup GDPR Compliant feature
  How to set up Social Media login
  How to setup Inactive User Tracking feature
  How to setup Archive Inactive User feature
  How to setup Delete Archived/Inactive User feature

Powered by GitBook

On this page

User Manual - ZTrust V3.0

Admin Manual

How to setup Session Invalidator feature

PreviousZTrust Authenticator App NextHow to setup GDPR Compliant feature

Last updated 6 months ago

This feature invalidates all prior sessions once the user logs in from a new device or location, ensuring that only the current session remains active. It also enhances the security as well.

Follow the below steps to set up Session Invalidator feature

Login to ZTrust Admin Console.
Click on Authentication.

Click on Duplicate and create a copy of Browser Flow.

Provide any name. For example - Session Invalidation and click on OK.

Click on Duplicate.

Delete all except the Session Invalidation Forms.

Click on Add step.

Select Advanced Session Invalidator.
Click on Add.
For Advanced Session Invalidator, make the requirement as Required.

For Advanced Session Invalidator, click on settings.

Mention the MAX Allowed session per user as 1. Enter the other details as required.

Click on Save.
Click on Action, and then Bind flow.

Select Browser flow from the dropdown menu.

Click on Save.

Session Invalidation feature is configured now.