The Sessions settings in ZTrust allow administrators to configure session durations, idle timeouts, and login limits. These configurations control how long users, clients, and offline sessions remain active or idle before expiration. Proper session management enhances both security and user experience.
Fig 3.9.9.a: Session, Session Management
SSO Session Idle
Description - The duration of inactivity before an SSO session expires. Tokens and browser sessions are invalidated when the session expires.
Default Behavior - Resets automatically upon authentication or token refresh.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.b: Session, SSO Session Idle time
SSO Session Max
Description - The maximum duration an SSO session can remain active, regardless of user activity. Once exceeded, both tokens and sessions are invalidated.
Default Behavior - If exceeded, users must re-authenticate.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.c: Session, SSO Session Maximum time and format
SSO Session Idle Remember Me
Description - Defines the idle timeout for Remember Me sessions. If unset, the standard SSO Session Idle value applies.
Default Behavior - Defaults to SSO Session Idle if not configured.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.d: Session, SSO Session Idle remember me
SSO Session Max Remember Me
Description - Sets the maximum duration for a Remember Me session before expiration.
Default Behavior - Defaults to SSO Session Max if not configured.
Duration Unit - Minutes / Hours / Days
Client Sessions
Client sessions control how long application-specific sessions remain active.
Client Session Idle
Description - Duration a client session can remain idle before expiration. Tokens are invalidated once expired.
Default Behavior - Defaults to SSO Session Idle if not set.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.f: Session, Client session idle time format
Client Session Max
Description - Maximum duration a client session can remain active, regardless of activity. Tokens are invalidated once expired.
Default Behavior - Defaults to SSO Session Max if not set.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.g: Session, Client session max time format
This refers to the maximum duration for which a Client Session remains active before expiration.
Tokens are invalidated once the session expires.
If not set, it defaults to the standard SSO Session Max value.
You can adjust the values and select the duration unit from the dropdown menu as required.
Fig 3.9.9.g: Session, Offline session settings
Offline Session Idle
Description - The duration an offline session can remain idle before expiration. Offline tokens must be refreshed within this period to maintain validity.
Default Behavior - If not refreshed within the set duration, the session expires.
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.h: Session, Offline session idle
Offline Session Max Limited
Description - A toggle setting:
• ON → Enables the Offline Session Max duration limit.
• OFF → Offline sessions expire only due to inactivity.
Default Behavior - Disabled by default
Duration Unit - N/A
Fig 3.9.9.i: Session, Offline session settings for maximum time limit
Offline Session Max
Description - The maximum duration an offline session remains active, regardless of user activity.
Default Behavior - Requires Offline Session Max Limited to be enabled.
Duration Unit - Minutes / Hours / Days
You can customize this duration and select the unit (Minutes, Hours, or Days) from the dropdown menu as per your requirements.
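The fallback rules and the idle/max interaction described above can be checked offline before saving a configuration. The following is an added example, not ZTrust code: the `SessionSettings` model, its field names, and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

MIN, HOUR, DAY = 60, 3600, 86400  # the three duration units, in seconds

@dataclass
class SessionSettings:
    """Hypothetical model of the settings above; None means 'not set'."""
    sso_idle: int
    sso_max: int
    sso_idle_remember_me: Optional[int] = None
    sso_max_remember_me: Optional[int] = None
    client_idle: Optional[int] = None
    client_max: Optional[int] = None
    offline_idle: int = 30 * DAY          # constructed sample value
    offline_max_limited: bool = False     # toggle is disabled by default
    offline_max: Optional[int] = None

def _or(value, fallback):
    return fallback if value is None else value

def effective_limits(s, kind, remember_me=False):
    """Return (idle, max) seconds for 'sso', 'client' or 'offline'; max None = no cap."""
    if kind == "offline":
        # Offline Session Max only applies while Offline Session Max Limited is ON.
        return s.offline_idle, (s.offline_max if s.offline_max_limited else None)
    if kind == "client":
        return _or(s.client_idle, s.sso_idle), _or(s.client_max, s.sso_max)
    if remember_me:
        return (_or(s.sso_idle_remember_me, s.sso_idle),
                _or(s.sso_max_remember_me, s.sso_max))
    return s.sso_idle, s.sso_max

def expires_at(limits, started, last_refresh):
    """Earliest of the idle deadline (reset by each refresh) and the max deadline."""
    idle, max_life = limits
    idle_deadline = last_refresh + idle
    return idle_deadline if max_life is None else min(idle_deadline, started + max_life)

def audit(s):
    """Flag combinations that leave a session kind without an effective bound."""
    findings = []
    for kind, rm in (("sso", False), ("sso", True), ("client", False), ("offline", False)):
        idle, max_life = effective_limits(s, kind, rm)
        label = kind + ("+remember-me" if rm else "")
        if max_life is None:
            findings.append(f"{label}: no maximum lifetime, expires only on inactivity")
        elif idle >= max_life:
            findings.append(f"{label}: idle timeout >= max, idle limit never applies")
    return findings
```

With the toggle left at its default, `audit` reports the offline session as bounded only by inactivity, which is the case to review when offline tokens are issued to long-lived clients.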
Fig 3.9.9.j: Session, Login settings
Login Timeout
Description - Maximum time allowed for a user to complete the login process. If exceeded, users must restart authentication.
Default Behavior - Recommended: 30 minutes
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.k: Session, Login settings timeout
Login Action Timeout
Description - Maximum duration users have to complete login-related actions, such as updating passwords or configuring TOTP.
Default Behavior - Recommended: 5 minutes or more
Duration Unit - Minutes / Hours / Days
Fig 3.9.9.l: Session, Login action timeout
Save and Revert
Save → Click Save to apply the updated session configurations.
Revert → Click Revert to discard any unsaved changes.