How to Configure Session Policy

This document explains session policy options, including idle timeout, concurrent session limits, login attempt limits, lockout duration, and IP allow/deny lists.

Session policy settings control how long sessions stay active and how users can sign in. To make the policy stricter, tighten the limits below.

Idle session timeout (session-hours). Decrease the value to shorten the idle time before the session expires.
One session per user. Enable it to prevent multiple sessions in the same browser.
One session per user per IP. Enable it to limit the user to one session per IP address.
Max login attempts before lockout (max-login-attempts). Decrease the value to lock users sooner after failed attempts.
Lockout time (max-attempts-timeout-minutes). Increase the value to keep users locked out longer.
Allowed IP addresses. Limit access to specific IP addresses.
Blocked IP addresses. Deny access from specific IP addresses.

PreviousHow to Configure Password Policy NextHow to Delete an Account

Last updated 1 month ago