00u9hjjhqa1qi75gA351.5487807193243792E12 (Customer) asked a question.
We have just one user experiencing sessions expiring, we currently have our MFA session not to push within 24 hours however hers prompts on every login, logs don't tell us much about this, anyone experiencing this issue?
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
Hello Martin
Good afternoon
Thank you for contacting us to clarify your doubts and help you with the setup of your deployment
You can verify and modify the session lifetime for the Sign-on Policy if needed, you just need to click on Security -> Authentication -> Sign-On -> check or add the New Okta Sign-on Policy on top of the default one. There you can verify if the session lifetime is lower than the expected, you can change it to up to a maximum of 90 days.
if you want to know more about this topic you can use the link below as a reference:
https://help.okta.com/en/prod/Content/Topics/Security/healthinsight/session-lifetime.htm
Let us know if this article helps you or if you have any other inquiries.
Have a great day ahead
Regards
Henry Esquivel
Okta.Inc
We have the same and was told it was on the users end since the user signed in with the right auth policy that had a 12hr session time on it.
Hello Anderson
Good afternoon
That is correct, this can occur due to different reasons, as you can see below:
Session cookie
Okta uses an HTTP session cookie to provide access to your Okta organization and applications across web requests for an interactive user agent such as a web browser. A session cookie has an expiration configurable by an administrator for the organization and is valid until the cookie expires or the user closes the session (logout) or browser application. You can verify this information using the link below:
https://developer.okta.com/docs/reference/api/sessions/
Sign-on Policy
Use this drop-down menu to specify the maximum idle time before an authentication prompt is triggered. The maximum allowed time for this option is 90 days. This is not the total connect time. The default session lifetime is 2 hours. This is idle time before users see a countdown timer at the 5-minute mark of the remaining session time. You can verify this information using the link below:
https://help.okta.com/en/prod/Content/Topics/Security/policies/configure-signon-policies.htm
Session management
An Identity Provider (IdP) is a service that stores and manages digital identities. Okta is an IdP service that stores and verifies user identities. Okta provides a federated sign-in service so that a user can access multiple applications with a single set of sign-in credentials. A session is a group of user interactions with a resource, such as an IdP service or an application (app), for a given amount of time. When you use Okta as your IdP, there are two types of sessions that you need to consider for managing the user experience—the IdP session and the application session. You can verify this information using the link below:
https://developer.okta.com/docs/concepts/session/
Let us know if this article helps you or if you have any other inquiries.
Have a great day ahead
Regards
Henry Esquivel
Okta.Inc