User Session Expiration
Default Behavior
By default, when a user logs into FileCloud, their session remains authenticated for a specified amount of time.
| Device | Time Session is Valid |
|---|---|
| Web Browser | Specified by the value in Session Timeout in minutes setting. If the browser is closed, the session expires. |
| All other apps and clients | Doesn't expire. Session lasts until user logs out from app. |
Enabling Session Expiration for all Devices
In FileCloud version 19.3 and earlier session timeout was measured in days; in FileCloud version 20.1 and later, it is measured in minutes.
If you want all login sessions for all user devices (including web browsers) to expire and require re-login, set the policy to Enforce Session Timeout for All Devices.
- Go to Settings > Policies.
- Open the policy for edit.
- Click the User Policy tab.
- In order to enable the Enforce Session Timeout for Devices setting, scroll down to the setting Enable code based device authentication and set it to YES.
Now Enforce Session Timeout for Devices is enabled. - Set Enforce Session Timeout for All Devices to YES.
- Click Save.
Note: We don't recommend requiring session expiration for devices and other clients as it might impact functionality and reduce user friendliness.
| Device | Time Session is Valid |
|---|---|
| Web Browser | Specified by the value in Session Timeout in minutes setting. If the browser is closed, the session expires. |
| All other apps and clients | Specified by the value in Session Timeout in minutes setting. Note: When log in used username and password, app will automatically re-login, so the session will not appear to expire. When log in used Device Authorization code, app will require user to re-login into FileCloud using the web browser. |