Skip to content

Configuring Session Lengths

Session management details enforce browser-level security for your Identity Security Cloud site. By default, Identity Security Cloud is configured with these settings:

  • Maximum Session Length: 12 hours, and sessions end when the user closes the window
  • Idle Session Expiration: 15 minutes

You can edit these values for your organization's requirements. Changes are applied when users sign out and sign back in. They are not applied to active sessions.

To update the maximum session length or the idle expiration:

  1. Go to Admin > Global > Security Settings > Session Management.

  2. For Maximum Session Length, specify the maximum length of time a user's session can remain active.

    The maximum time allowed is 7 days.

  3. Use the End the session when the browser is closed checkbox to define whether closing the browser automatically terminates the user's session.

    • If this option is not selected, users will be able to access Identity Security Cloud without reauthenticating as long as the session is valid.

    • If this checkbox is selected, users will be signed out on closing the browser window. Additionally, the Remember Me checkbox on the sign-in page disappears, so that users are always required to enter their usernames before authenticating into the SaaS Platform.

    Important

    This option is not enforced when users sign in with a browser configured to retain session cookies, such as with the Chrome "Continue where you left off" startup option. Those users, including admins, can resume their session upon reopening the tab or browser.

  4. Under Idle Session Expiration, specify the length of time a user's browser session can remain idle before they are automatically signed out of SailPoint's SaaS platform.

    Notes

    • Any interaction with the page, including moving the mouse over the browser window, is treated as activity that resets the idle timeout clock.
    • Sessions could extend for up to 15 minutes longer than the specified idle session expiration duration while the authentication token expires.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.