Session management

Frontegg provides robust session management features out-of-the-box, offering you and your customers greater control over how users interact with your applications. These tools allow for secure and customizable session handling, enhancing both user experience and security.

With Frontegg's session management tools, you can:

• View and configure session attributes such as duration and the maximum number of active sessions per user.
• Revoke individual or all sessions for specific users.

What is a session?

A session represents the period during which a user interacts with an app. Sessions typically begin when an app is opened and track metrics such as:

• Duration and frequency of use.
• Device and location information.

Session data provides valuable insights for developers and administrators, such as:

• Average session duration.
• Peak usage times.

While sessions are essential for tracking user behavior, they must be managed securely to prevent vulnerabilities, such as leaving a session open for too long without activity.

Using sessions in Frontegg SDKs

These SDKs enable advanced session management features, such as session duration control and session revocation.

Unlocking session management features

Enhance user security by enabling certain users to manage session durations. Assign the Revoke User Sessions permission to specific roles, granting them control over session management.

Once the permission is assigned, enable session management features in the Profile, Users, and Security sections of the Builder. This allows authorized users to configure and manage sessions directly from the self-service portal. Click Review to Publish to apply the changes across your environments.

The permission unlocks the following capabilities in the self-service portal:

• Configuring session management settings.
• Viewing active user sessions.
• Ending specific or all user sessions.