|
| 1 | +--- |
| 2 | +page_id: 6f5b7b0d-3818-4654-a1a1-3247a5e4d52a |
| 3 | +title: Session management per organization |
| 4 | +sidebar: |
| 5 | + order: 8 |
| 6 | +relatedArticles: |
| 7 | + - 76e2d2d3-830a-43b0-8b7b-8d0b0316b776 |
| 8 | + - 5a248c6f-c1ae-480a-95c3-d3c69c81598d |
| 9 | + - 4ed081b0-7853-49be-b5fd-22a84a86bdad |
| 10 | +--- |
| 11 | + |
| 12 | +You can change Kinde authenticated session configuration at the organization level as well as the environment level. An authenticated session (or SSO session) is the time during which a user is authenticated via Kinde, regardless of their activity. You can define if a session persists even after a browser is closed, and how long can lapse before making the organization's user re-authenticate. |
| 13 | + |
| 14 | +These settings only apply to Kinde sessions and not sessions you maintain through your own application. |
| 15 | + |
| 16 | +## Limitations of Kinde session configuration |
| 17 | + |
| 18 | +- Session cookies are not destroyed when a tab is closed, the full browser window must be closed. |
| 19 | +- Modern browsers usually allow session restoration. Restoring a browser session can also restore a session cookie. |
| 20 | + |
| 21 | +## Manage SSO session behaviors and policies per organization |
| 22 | + |
| 23 | +When you change session settings at the organization level, this overrides session settings at the environment level. |
| 24 | + |
| 25 | +1. In Kinde, go to **Organizations** and open the orgnization who's session settings you want to configure. |
| 26 | +2. Select **Sessions** in the side menu. |
| 27 | +3. In the **SSO sessions** section, decide on the policy for session cookies. A persistent session leaves the cookie active when the browser is closed. A non-persistent session is terminated when the browser window closes (unless the limitations listed above apply). |
| 28 | +4. In the **Session inactivity timeout** section, set how long a session can be inactive before prompting re-authentication. This setting is applied in seconds - where 3,600 seconds is one hour; 86,400 seconds is one day. |
| 29 | +5. When you're finished, select **Save**. |
| 30 | + |
| 31 | +The session settings will now be applied to members of this organization. |
| 32 | + |
| 33 | +## Manage organization session behavior via API |
| 34 | + |
| 35 | +Use this endpoint to update session settings [via API](https://docs.kinde.com/kinde-apis/management/#tag/organizations/patch/api/v1/organizations/{org_code}/sessions/). `PATCH /api/v1/organizations/{org_code}/sessions` |
0 commit comments