Set Log In Timeout
-
Availability
- Plan: Enterprise or Performance
-
Roles and Permissions
- Add/Edit/Delete: Admins only
Setting a Login Timeout can help increase security by allowing you to set a time limit on how long your user accounts can sit inactive. Once the timeout has elapsed users are forcibly logged out and must login with a user name and password or SSO before the can access your ProdPad account.
The Login Timeout duration can be set either in ProdPad or via SAML assertions from your Identity Provider.
Configuring Login Time Out in ProdPad
- Go to your profile picture and select Account Settings > Security tab > Login Timeout.
- Click the toggle next to the label "Login timeout is disabled" if the setting is currently disabled
- You can now set the length of time for your global timeout setting. The timeout defaults to 365 days when enabled, any update to the timeout value when enabling the Login Timeout feature must be set between 5 minutes and 30 days.
- If you have a SAML SSO authentication set up you can also set to have the user's timeout setting dictated via a SAML assertion, see below for how to configure this.
- Click Save.
Setting Login timeout via a SAML assertion
Setting a users login timeout value via a SAML assertion requires the creation of a customer attribute/parameter in the IdP configuration for your SAML / ProdPad app.
ProdPad will expect to receive an attribute named Session.InactivityTimeoutInSeconds
and the value of this attribute must be a numerical value in seconds.
If ProdPad receives a valid timeout value it will override the global timeout setting and use the user's timeout setting instead.