Merge pull request #418 from kinde-oss/Feat/Token-management-per-org

Feat/token management per org

Author: clairekinde11

src/content/docs/authenticate/manage-authentication/session-management-per-organization.mdx

@@ -0,0 +1,35 @@
+---
+page_id: 6f5b7b0d-3818-4654-a1a1-3247a5e4d52a
+title: Session management per organization
+sidebar:
+  order: 8
+relatedArticles:
+  - 76e2d2d3-830a-43b0-8b7b-8d0b0316b776
+  - 5a248c6f-c1ae-480a-95c3-d3c69c81598d
+  - 4ed081b0-7853-49be-b5fd-22a84a86bdad
+---
+
+If you are on the Kinde Scale plan, you can change Kinde authenticated session configuration at the organization level as well as the environment level. An authenticated session (or SSO session) is the time during which a user is authenticated via Kinde, regardless of their activity. You can define if a session persists even after a browser is closed, and how long can lapse before making the organization's user re-authenticate.
+
+These settings only apply to Kinde sessions and not sessions you maintain through your own application.
+
+## Limitations of Kinde session configuration
+
+- Session cookies are not destroyed when a tab is closed, the full browser window must be closed.
+- Modern browsers usually allow session restoration. Restoring a browser session can also restore a session cookie.
+
+## Manage SSO session behaviors and policies per organization
+
+When you change session settings at the organization level, this overrides session settings at the environment level.
+
+1. In Kinde, go to **Organizations** and open the organization whose session settings you want to configure.
+2. Select **Sessions** in the side menu.
+3. In the **SSO sessions** section, decide on the policy for session cookies. A persistent session leaves the cookie active when the browser is closed. A non-persistent session is terminated when the browser window closes (unless the limitations listed above apply).
+4. In the **Session inactivity timeout** section, set how long a session can be inactive before prompting re-authentication. This setting is applied in seconds - where 3,600 seconds is one hour; 86,400 seconds is one day.
+5. When you're finished, select **Save**.
+
+The session settings will now be applied to members of this organization.
+
+## Manage organization session behavior via API
+
+Use this endpoint to update session settings [via API](https://docs.kinde.com/kinde-apis/management/#tag/organizations/patch/api/v1/organizations/{org_code}/sessions/). `PATCH /api/v1/organizations/{org_code}/sessions`

src/content/docs/authenticate/manage-authentication/session-management.mdx

@@ -4,14 +4,15 @@ title: Session management
 sidebar:
   order: 7
 relatedArticles:
+  - 6f5b7b0d-3818-4654-a1a1-3247a5e4d52a 
   - 5a248c6f-c1ae-480a-95c3-d3c69c81598d
   - 4ed081b0-7853-49be-b5fd-22a84a86bdad
-  - 50284476-2442-414c-af20-01ed3ef4ca4e
 ---
 
 You can manage Kinde authenticated sessions via your application settings. An authenticated session (or SSO session) is the time during which a user is authenticated via Kinde, regardless of their activity. You can define if a session persists even after a browser is closed, and how long can lapse before making a user re-authenticate.
 
 These settings only apply to Kinde sessions and not sessions you maintain through your own application.
+If you want, you can [change session settings for an organization](/authenticate/manage-authentication/session-management-per-organization/), without affecting other organizations. 
 
 ## Limitations