Session Management

Add an extra layer of control over user security by giving customer accounts the ability to manage the duration of user sessions.

Give certain users permission to manage the duration of user sessions by assigning the permission of revoke all user sessions.

Then, enable features in the Profile, Users, and Security sections of the Builder so that users with the permission have the ability to configure and manage user sessions from the Admin Portal.

The features in the Admin Portal that the permission unlocks include the following.

  • Configure session management settings
  • View user sessions
  • End specific user sessions

📘

Required Versions

@frontegg/react v4.0.27
@frontegg/angular v4.19.0
@frontegg/vue v1.0.19
@frontegg/next v5.8.0

Assign Permission

Give certain users the ability to manage user sessions by assigning the permission of revoke all user sessions to any role that you want to have that authority.

Go to Environments ➜ [NAME OF ENVIRONMENT] ➜ Authorization ➜ Permissions.

Check the box for each role that should have this permission.


Click save and publish to assign that permission to users who have a role with the permission.

📘

Here is a link to the development permissions and a link to the production permissions.


📘

Read more about Managing Permissions and Managing Roles.


Read below to learn how to enable the session management features in the Admin Portal for the users with the permission.

Enable Admin Portal

Enable session management in the Admin portal so that customer accounts can manage user sessions.

Profile

Enable customer accounts to view and manage sessions in Profile.

Go to Builder ➜ Profile and toggle privacy settings on.


In the Admin Portal, users with permission should now see sessions listed.


📘

Users can log out of sessions by clicking the log out button for a particular session.


Collaboration

Enable customer accounts to view and manage sessions in Collaboration.

Go to Builder ➜ Collaboration and toggle users on.

In the Admin Portal, users with permission should now see a list of users.

Click on a user's menu to sign out the user from all sessions.

Engagement

Enable customer accounts to configure session management settings in Engagement.

Go to Builder ➜ Engagement and toggle security on.

In the Admin Portal, users with permission should now see configuration options for session management.


📘

The default session duration is 24 hours.