<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D5WR00001jJmTA0A0Okta Classic EngineAdministrationAnswered2026-06-05T00:42:02.000Z2026-06-04T06:55:10.000Z2026-06-05T00:42:02.000Z

gayeongs.91919 (Customer) asked a question.

Is this bug? (the Default rule of Global session policy)

Hi everyone,

I'm not sure whether this is a bug or expected behavior, so I'd like to ask.

 

In the Default Rule of the Global Session Policy, the Maximum Okta global session idle time value is displayed as "Session Lifetime".

 

/help/servlet/rtaImage?refid=0EMWR00000Y2BlN

 

In my expectation, this should be labeled as "Session idle time" or "Maximum Okta global session idle time" — not "Session Lifetime."

 

Could anyone explain why this is showing as "Session Lifetime"?

 

Thank you.


  • Paul S. (Okta, Inc.)

    Hello @gayeongs.91919 (Customer)​ Thank you for posting on our Community page!

     

    The "Session Lifetime" display is currently expected behaviour and it is not a functional bug that will impact your security policies.

    In older versions of Okta (specifically within the Okta Classic Engine), the primary mechanism for controlling how long a user stayed logged in was driven by inactivity. The overarching concept in the UI was broadly referred to as "Session Lifetime." When Okta introduced more granular security enhancements—specifically separating the Absolute Maximum Session Lifetime from the Maximum Session Idle Time—we updated the settings inside the rule edit screen, but didn't universally update the summary labels on the main dashboard.

    In the Global Session Policy summary tables, Okta often condenses the display label to simply "Session Lifetime". Because the idle timeout is the most common trigger for a session ending, Okta defaults to displaying the idle time value under that generic "Session Lifetime" umbrella in the overview.

     

    Thank you for reaching out to our Community and have a great day!

    --

    Help others in the community by liking or hitting Select as Best if this response helped you.

    Expand Post
    Selected as Best
  • Paul S. (Okta, Inc.)

    Hello @gayeongs.91919 (Customer)​ Thank you for posting on our Community page!

     

    The "Session Lifetime" display is currently expected behaviour and it is not a functional bug that will impact your security policies.

    In older versions of Okta (specifically within the Okta Classic Engine), the primary mechanism for controlling how long a user stayed logged in was driven by inactivity. The overarching concept in the UI was broadly referred to as "Session Lifetime." When Okta introduced more granular security enhancements—specifically separating the Absolute Maximum Session Lifetime from the Maximum Session Idle Time—we updated the settings inside the rule edit screen, but didn't universally update the summary labels on the main dashboard.

    In the Global Session Policy summary tables, Okta often condenses the display label to simply "Session Lifetime". Because the idle timeout is the most common trigger for a session ending, Okta defaults to displaying the idle time value under that generic "Session Lifetime" umbrella in the overview.

     

    Thank you for reaching out to our Community and have a great day!

    --

    Help others in the community by liking or hitting Select as Best if this response helped you.

    Expand Post
    Selected as Best

Loading
Is this bug? (the Default rule of Global session policy)