Available for: Enterprise plan
Set up by: Company Admins
Session timeout feature allows you to set up a limit on how long your end-users are allowed to be inactive. The setting affects all members and guests. If the user session hits the limit and expires, they are automatically logged off their Miro profile and will need to authorize again before accessing the Enterprise data.
⚠️ Be mindful when setting timeout limits. Highly secured timeout limits that are too short in duration will result in users continually being logged out of their boards. Consider a balanced, secure approach to session timeouts and remember to communicate timeout limits clearly with your users.
How to enable Session Idle timeout
- Go to Company settings > Security & Compliance > Authentication > Idle Session Timeout
- Toggle on Automatically log out inactive users and set the Timeout limit
Session Idle timeout is enabled
Activating the session idle timeout functionality for the first time will populate the 90 minute default session. The Admin can customize the duration and input a custom integer value from 1 to 9999 and select the units: minutes, hours, or days. The minimum allowed duration is 15 minutes and the maximum allowed duration is 14 days.
For Session Idle Timeout feature, we define inactivity as none of the following actions present anywhere in the app during the defined time:
- mouse movement (or touchscreen movement)
- mouse clicks (or touchscreen taps)
- pressing keyboard
✏️ The default session idle timeout value is 90 minutes. Settings can range from 15 minutes to 14 days.
✏️ Session Idle timeout works everywhere (accessing user activity on different devices, integrations etc).
✏️ If a user is a visitor on a public board stored in an Enterprise plan but is not part of the Enterprise plan that enabled session timeout, they are not affected.
✏️ If a user belongs to multiple organizations which have different session idle timeout intervals in place, then the shortest duration will prevail. For example, a user belongs to one organization with a 6-hour session idle timeout, and one organization with a 30-minute session idle timeout - they will be timed out of all active sessions in 30 minutes.