Configuring session timeouts

As an Administrator, you can configure session timeouts for Anaconda Enterprise platform users, to help you adhere to your organization’s security standards or enforce policies.

You’ll use the Administrative Console’s Authentication Center to set the various parameters related to session timeouts:

  1. Login to Anaconda Enterprise, click the Menu icon icon in the top right corner, then click the Administrative Console link in the bottom of the slideout menu.

  1. Click Manage Users.

  2. Login to the Authentication Center using the Administrator credentials required to be able to access it.

  3. In the Configure menu on the left, select Realm Setting.

  4. Click the Tokens tab at the top to display the following:

../../_images/realm-tokens.png

  1. Use the available configuration options to specify maximum thresholds for each aspect of user sessions, including the following:

  • Time limits for idle browser sessions and single sign on (SSO) tokens

  • Lifespans for OpenID access tokens

  • Time limits for login-related actions, such as resetting a forgotten password

Configuration option

Description

Revoke Refresh Token

If enabled, limits refresh tokens to one-time use

SSO Session Idle

User will be logged out of session if inactive for this length of time

SSO Session Max

Maximum time a user session can remain active, regardless of activity

Offline Session Idle

Amount of time an offline session can be idle before the access token is revoked

Access Token Lifespan

Amount of time an access token will remain valid, before expiring

Access Token Lifespan For Implicit Flow

Timeout for access tokens created with Implicit Flow–no refresh token is provided

Client login timeout

Maximum time a client can take to complete the authorization process

Login timeout

Maximum time a user can take to authenticate before the process restarts

Login action timeout

Maximum time a user can spend on any one page in the authentication process

User-Initiated Action Lifespan

Maximum time before a user-initiated action (e.g., forgot password email) expires

Default Admin-Initiated Action Lifespan

Maximum time before an admin-initiated action (e.g., issue token to user) expires

Override User-Initiated Action Lifespan

Use to optionally configure different timeouts for each user-initiated action

  1. Click Save to save your changes to the Anaconda Enterprise platform.