## Assigning permissions and enabling session management

### Assigning permissions

To allow certain users to manage user sessions, assign the **Revoke User Sessions** permission to the relevant roles.

1. Open the **Frontegg portal**.
2. Navigate to [ENVIRONMENT] ➜ Configurations ➜ Entitlements ➜ Permissions.


![session-management-management-1](/assets/session-management-management-1.39d98f06b21d587dc24138ea9e4291020ab9c3cdc24dcbb6e672dff36d99f6e7.57cc11e7.png)

1. Locate and click on the **Revoke User Sessions** permission.


![session-management-management-3](/assets/session-management-management-3.99549b5fd47fd6c073333d7c97d5fd3fb26bfb19e80295c01317782ac423c3dd.57cc11e7.png)

1. Switch to the **Roles** tab and assign all relevant roles to this permission. Once finished, click on **Assign roles**.


![session-management-management-4](/assets/session-management-management-4.5f7af5d828a3eb02b589f5f17656654a2d43be987ff7b18fe0e90b7350605eb0.57cc11e7.png)

![session-management-management-5](/assets/session-management-management-5.a0057ac5236143c49542d921ff072033adb512ee6bff59c378fd69e8c88b4b83.57cc11e7.png)

1. Click **Save** and **Publish** to apply changes to the selected environment.


Once permissions are assigned, users with the specified roles will have the ability to:

- Configure session management settings.
- End other users' sessions.


Continue to the next section to enable session management features in the self-service portal.

### Enabling session management in the self-service portal

### **Personal**

Enable customer accounts to view and manage their own sessions.

1. Open the **Frontegg portal** and navigate to **Admin portal**.
2. Under the **Personal** section, toggle **Privacy & Security** to **On**.


![session-management-management-6](/assets/session-management-management-6.0b17bc08b8f1503bd1fd0dd0c3fede9d14dfea0930cb980911f806a888cc2ce6.57cc11e7.png)

Users will now see their active sessions listed in the self-service portal. They can log out of individual sessions or end all sessions simultaneously.

#### **Workspace**

Enable customer accounts to view and manage other users' sessions.

1. In the **Frontegg portal**, navigate to **Admin Portal**.
2. Under the **Workspace** section, toggle **Users** to **On**.


![session-management-management-7](/assets/session-management-management-7.6934295e8b43ca3657e389f6f702e2340bfe79d47ab40f905e85a836801f0cb8.57cc11e7.png)

Users with the required permission will now see a list of users. From the list, admins can sign out users from all their sessions by clicking the action menu for a specific user.

To allow session configuration:

1. In the **Frontegg portal**, navigate to **Admin Portal**.
2. Under the **Workspace** section, toggle **Security** to **On**.


![session-management-management-8](/assets/session-management-management-8.8ec50f66ef56365b681bf12ef1efc4b8c98733905c676d189a264747c6eb296e.57cc11e7.png)

Users with the required permission will now see configuration options for session management.

## Configure session management

Frontegg provides three key session management settings that can be configured to align with your application needs:

- **Idle Session Timeout**
- **Force Re-login**
- **Maximum Concurrent Sessions**


### Default behaviors

If no settings are configured, the defaults are as follows:

- **Idle Session Timeout**: Sessions remain active for 24 hours without activity.
- **Force Re-login**: Users stay logged in indefinitely.
- **Maximum Concurrent Sessions**: Users can open unlimited sessions.


Admins can adjust these settings in the **Frontegg portal** under Configurations ➜ Security ➜ Session management.

![session-management-management-9](/assets/session-management-management-9.fdb11ffd5b4e252cbaf359d1527124f67856c10d531a287ea08c2f71d909ab71.57cc11e7.png)

### Configuring session management settings

#### Idle session timeout

Defines how long a session can remain open without user activity. Once this time is exceeded, the session ends automatically.
We recommend setting this to a value under 24 hours.

**To configure Idle Session Timeout:**

1. Open the **Frontegg portal**.
2. Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
3. Toggle the **Idle Session Timeout** switch to enable the feature.
4. Use the **+/-** buttons to set the duration in minutes, hours, or days.


![session-management-management-10](/assets/session-management-management-10.22faf423d333e616ed6da412480cad77ec8c4c83c6a2816ab35c097ae16ad59d.57cc11e7.png)

#### Force re-login

Sets the maximum duration of a session, regardless of activity. Once the time limit is reached, users are logged out.
We recommend setting this to a value under 90 days.

**To configure Force relogin:**

1. Open the **Frontegg portal**.
2. Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
3. Toggle the **Force relogin** switch to enable the feature.
4. Use the **+/-** buttons to set the duration in days, hours, or minutes.


![session-management-management-11](/assets/session-management-management-11.4fa895a031ce9153f09078dbfaa23d0aaab88cd8b1192a238f9accbdb81c14ea.57cc11e7.png)

#### Maximum concurrent sessions

Limits the number of active sessions a user can have at the same time. If the limit is exceeded, the oldest session is terminated to allow a new one.
We recommend setting this to a value between 1 and 10.

**To configure Maximum Concurrent Sessions:**

1. Open the **Frontegg portal**.
2. Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
3. Toggle the **Maximum Concurrent Sessions** switch to enable the feature.
4. Use the **+/-** buttons to specify the maximum number of sessions allowed.


![session-management-management-12](/assets/session-management-management-12.9719ae1737f7bd672674785305754524138fdc3aa6700b8e0360d9a4e1146ce2.57cc11e7.png)