Configure session timeouts
Session timeouts control how long a user stays signed in to Atlan before they must authenticate again. Configuring them lets you align Atlan with your organization's session security policy. The settings apply to every user in the workspace regardless of whether they signed in via basic authentication or SSO. When a session expires, all tokens and browser sessions become invalid.
Prerequisites
- You are an admin in Atlan.
- Atlan uses defaults for any field you leave blank: you only need to set the values you want to change.
Configure session timeouts
-
In your Atlan workspace, click Settings from the left menu.
If you are using the Old UI (Classic), from the left menu, click Admin.
-
Click Authentication to open the authentication settings.
-
Next to Session settings, click the Edit button. The Change session settings dialog opens.
-
For each timeout you want to configure, enter a numeric value and pick a unit (Minutes, Hours, or Days) from the dropdown. All values accept between 1 minute and 30 days.
- Session idle timeout: how long a session can sit idle before it expires. Minimum 1 minute.
- Session max timeout: the total maximum lifetime of a session, regardless of activity. Must be equal to or greater than the idle timeout.
- Remember me session idle timeout: idle timeout for sessions where the user checked "Remember me" at sign-in. Leave blank to use the default (7 days).
- Remember me session max timeout: maximum lifetime for Remember-me sessions. Must be equal to or greater than the Remember-me idle timeout. Leave blank to use the default (4,745 days).
-
Click Save changes. The new values apply to all subsequent sign-ins immediately. Existing sessions are not invalidated and continue under whatever settings were in effect when they were created.
Need help?
If users are being signed out sooner than expected, check whether their IdP is enforcing a shorter timeout. SSO sessions cannot outlive the IdP-side session. Contact Atlan Support if Atlan's session settings aren't behaving as configured.
See also
- Set up authentication: Configure SSO before tuning session timeouts in a production workspace.
- Restrict auto user creation: Lock down who can be auto-provisioned via SSO.