Assigning permissions and enabling session management
Assigning permissions
To allow certain users to manage user sessions, assign the Revoke User Sessions permission to the relevant roles.
- Open the Frontegg portal.
- Navigate to [ENVIRONMENT] ➜ Configurations ➜ Entitlements ➜ Permissions.
- Locate and click on the Revoke User Sessions permission.
- Switch to the Roles tab and assign all relevant roles to this permission. Once finished, click on Assign roles.
- Click Save and Publish to apply changes to the selected environment.
Once permissions are assigned, users with the specified roles will have the ability to:
- Configure session management settings.
- End other users' sessions.
Continue to the next section to enable session management features in the self-service portal.
Enabling session management in the self-service portal
Personal
Enable customer accounts to view and manage their own sessions.
- Open the Frontegg portal and navigate to Admin Portal.
- Under the Personal section, toggle Privacy & Security to On.
Users will now see their active sessions listed in the self-service portal. They can log out of individual sessions or end all sessions simultaneously.
Workspace
Enable customer accounts to view and manage other users' sessions.
- In the Frontegg portal, navigate to Admin Portal.
- Under the Workspace section, toggle Users to On.
Users with the required permission will now see a list of users. From the list, admins can sign out users from all their sessions by clicking the action menu for a specific user.
To allow session configuration:
- In the Frontegg portal, navigate to Admin Portal.
- Under the Workspace section, toggle Security to On.
Users with the required permission will now see configuration options for session management.
Configure session management
Frontegg provides three key session management settings that can be configured to align with your application needs:
- Idle Session Timeout
- Force Re-login
- Maximum Concurrent Sessions
Default behaviors
If no settings are configured, the defaults are as follows:
- Idle Session Timeout: Sessions remain active for 24 hours without activity.
- Force Re-login: Users stay logged in indefinitely.
- Maximum Concurrent Sessions: Users can open unlimited sessions.
Admins can adjust these settings in the Frontegg portal under Configurations ➜ Security ➜ Session management.
Configuring session management settings
Idle session timeout
Defines how long a session can remain open without user activity. Once this time is exceeded, the session ends automatically.
We recommend setting this to a value under 24 hours.
To configure Idle Session Timeout:
- Open the Frontegg portal.
- Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
- Toggle the Idle Session Timeout switch to enable the feature.
- Use the +/- buttons to set the duration in minutes, hours, or days.
Force re-login
Sets the maximum duration of a session, regardless of activity. Once the time limit is reached, users are logged out.
We recommend setting this to a value under 90 days.
To configure Force relogin:
- Open the Frontegg portal.
- Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
- Toggle the Force relogin switch to enable the feature.
- Use the +/- buttons to set the duration in days, hours, or minutes.
Maximum concurrent sessions
Limits the number of active sessions a user can have at the same time. If the limit is exceeded, the oldest session is terminated to allow a new one.
We recommend setting this to a value between 1 and 10.
To configure Maximum Concurrent Sessions:
- Open the Frontegg portal.
- Navigate to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ Session management.
- Toggle the Maximum Concurrent Sessions switch to enable the feature.
- Use the +/- buttons to specify the maximum number of sessions allowed.
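How the three settings interact, as an added example that models the behavior described on this page in Python. It is not Frontegg code and calls no Frontegg API; the class, field and method names are hypothetical, and timestamps are passed in explicitly so the model can be replayed offline.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class SessionPolicy:
    # Defaults mirror the "Default behaviors" list above (field names are hypothetical).
    idle_timeout: Optional[timedelta] = timedelta(hours=24)
    force_relogin: Optional[timedelta] = None   # None = users stay logged in indefinitely
    max_concurrent: Optional[int] = None        # None = unlimited sessions

@dataclass
class Session:
    sid: int
    created: datetime
    last_seen: datetime

@dataclass
class SessionStore:
    policy: SessionPolicy
    sessions: dict = field(default_factory=dict)  # user -> [Session], oldest first
    next_sid: int = 1

    def _expired(self, s, now):
        # Idle timeout counts from last activity; force re-login counts from creation.
        idle = self.policy.idle_timeout is not None and now - s.last_seen > self.policy.idle_timeout
        aged = self.policy.force_relogin is not None and now - s.created > self.policy.force_relogin
        return idle or aged

    def _live(self, user, now):
        live = [s for s in self.sessions.get(user, []) if not self._expired(s, now)]
        self.sessions[user] = live
        return live

    def login(self, user, now):
        """Open a session; return (new_sid, [sids evicted to stay within the limit])."""
        live = self._live(user, now)
        cap = self.policy.max_concurrent
        evicted = []
        while cap is not None and live and len(live) >= cap:
            evicted.append(live.pop(0).sid)       # the oldest session is terminated first
        live.append(Session(self.next_sid, now, now))
        self.next_sid += 1
        return live[-1].sid, evicted

    def touch(self, user, sid, now):
        """Record activity on a session; False means the user must sign in again."""
        for s in self._live(user, now):
            if s.sid == sid:
                s.last_seen = now                 # activity resets only the idle clock
                return True
        return False
```

Replaying a timeline through `login` and `touch` shows that regular activity keeps a session past the idle timeout but never past the force re-login limit.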