Available for: Enterprise plan
Set up by: Company Admins
Session timeout feature allows you to set up a limit on how long your end-users are allowed to be inactive. The setting affects all members and guests. If the user session hits the limit and expires, they are automatically logged off their Miro profile and will need to authorize again before accessing the Enterprise data.
⚠️ Be mindful when setting timeout limits. Highly secured timeout limits that are too short in duration will result in users continually being logged out of their boards. Consider a balanced, secure approach to session timeouts and remember to communicate timeout limits clearly with your users.
How to enable Idle Session Timeout
- Go to Company settings > Security & Compliance > Authentication > Idle Session Timeout
- Toggle on Automatically log out inactive users and set the Timeout limitIdle Session Timeout is enabled
Activating the Idle Session Timeout functionality for the first time will populate the 90-minute default session. The Admin can customize the duration and input a custom integer value from 1 to 9999 and select the units: minutes, hours, or days. The minimum allowed duration is 15 minutes and the maximum allowed duration is 14 days.
For the Idle Session Timeout feature, we define inactivity as none of the following actions present anywhere in the app during the defined time:
- mouse movement (or touchscreen movement)
- mouse clicks (or touchscreen taps)
- pressing keyboard
✏️ The default Idle Session Timeout value is 90 minutes. Settings can range from 15 minutes to 14 days.
✏️ Idle Session Timeout works everywhere (accessing user activity on different devices, integrations etc).
✏️ If a user is a visitor on a public board stored in an Enterprise plan but is not part of the Enterprise plan that enabled session timeout, they are not affected.
✏️ If a user belongs to multiple organizations which have different Idle Session Timeout intervals in place, then the shortest duration will prevail. For example, a user belongs to one organization with a 6-hour Idle Session Timeout, and one organization with a 30-minute Idle Session Timeout - they will be timed out of all active sessions in 30 minutes.