Okta portal session time-out Skip to main content
https://support.okta.com/help/answers?id=906f0000000i0nqiak&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Alex ShchukinAlex Shchukin 

Okta portal session time-out

Is there a way to configure Okta portal session time-out for users and admins?
Best Answer chosen by Niki (Okta, Inc.) 
Eric KarlinskyEric Karlinsky (Okta, Inc.)

Hey Alex - 

Yes, you can use the Okta Sign-On Policy to define the session duration on a per-group basis. The setting looks something like this:
User-added image
Check out the Sign-On Policy (https://support.okta.com/help/articles/Knowledge_Article/99245886-Configuring-Sign-On-Policies) help article for more details.

Eric

All Answers

Srinivasa GayamSrinivasa Gayam
Used to be under Security...General...Organization, not sure what happened to it now.
Eric KarlinskyEric Karlinsky (Okta, Inc.)

Hey Alex - 

Yes, you can use the Okta Sign-On Policy to define the session duration on a per-group basis. The setting looks something like this:
User-added image
Check out the Sign-On Policy (https://support.okta.com/help/articles/Knowledge_Article/99245886-Configuring-Sign-On-Policies) help article for more details.

Eric

This was selected as the best answer
Alex ShchukinAlex Shchukin
Eric, thank you for your reply. Does this affect session inactivity?
Wils DawsonWils Dawson (Okta, Inc.)
Hi Alex,

The time which you specify in the UI, per the documentation, is the maximum idle time before the session will expire.

- Wils
Eric ShelleyEric Shelley
Does updating this Sign-On Policy increase the expiration time of the JWT token? I have tried increasing this time but the expiration time of the JWT token is still set to 1 hour. I have users who perform tasks for an hour and a half away from their computers. By the time they go back to their computer the session has already expired. Without the browser being active for the auto-refresh, the user is stuck logging in several times in the day and is very upset with our team.

Is there a way to change the JWT expiresAt time?