Configuring session timeouts¶
As an Administrator, you can configure session timeouts for Anaconda Enterprise platform users, to help you adhere to your organization’s security standards or enforce policies.
You’ll use the Administrative Console’s Authentication Center to set the various parameters related to session timeouts:
- Login to Anaconda Enterprise, click the Menu icon
in the top right corner, then click the Administrative Console link in the bottom of the slideout menu.
- Click Manage Users.
- Login to the Authentication Center using the Administrator credentials required to be able to access it.
- In the Configure menu on the left, select Realm Setting.
- Click the Tokens tab at the top to display the following:
- Use the available configuration options to specify maximum thresholds for each aspect of user sessions, including the following:
- Time limits for idle browser sessions and single sign on (SSO) tokens
- Lifespans for OpenID access tokens
- Time limits for login-related actions, such as resetting a forgotten password
| Configuration option | Description |
|---|---|
| Revoke Refresh Token | If enabled, limits refresh tokens to one-time use |
| SSO Session Idle | User will be logged out of session if inactive for this length of time |
| SSO Session Max | Maximum time a user session can remain active, regardless of activity |
| Offline Session Idle | Amount of time an offline session can be idle before the access token is revoked |
| Access Token Lifespan | Amount of time an access token will remain valid, before expiring |
| Access Token Lifespan For Implicit Flow | Timeout for access tokens created with Implicit Flow–no refresh token is provided |
| Client login timeout | Maximum time a client can take to complete the authorization process |
| Login timeout | Maximum time a user can take to authenticate before the process restarts |
| Login action timeout | Maximum time a user can spend on any one page in the authentication process |
| User-Initiated Action Lifespan | Maximum time before a user-initiated action (e.g., forgot password email) expires |
| Default Admin-Initiated Action Lifespan | Maximum time before an admin-initiated action (e.g., issue token to user) expires |
| Override User-Initiated Action Lifespan | Use to optionally configure different timeouts for each user-initiated action |
- Click Save to save your changes to the Anaconda Enterprise platform.