There are two types of authentication timeouts for strongDM users: idle timeouts, which have to do with the idle time of an authenticated user; and session timeouts, which pertain to overall length of authenticated sessions. Note that these limitations are applied for human users, not service accounts.
The idle timeout will force Users to log out of the Client or Admin UI after a set amount of minutes of inactivity. For example:
- Client will log users out after 20 minutes of idleness.
- Admin UI will log users out after 20 minutes of idleness.
The session timeout will force Users to log out once their session reaches the pre-determined time limit. For example:
- Users must re-authenticate every eight hours.