Available for: Enterprise Plan
Required role: Company Admin
Session timeout feature allows you to set up a limit on how long your end-users are allowed to be inactive. The setting affects all members and guests. If the user session hits the limit and expires, they are automatically logged off their Miro profile and will need to authorize again before accessing the Enterprise data.
⚠️ Be mindful when setting timeout limits. Highly secured timeout limits that are too short in duration will result in users continually being logged out of their boards. Consider a balanced, secure approach to session timeouts and remember to communicate timeout limits clearly with your users.
How to enable Idle Session Timeout
- Go to Company settings > Security & Compliance > Authentication > Idle Session Timeout
- Toggle on Automatically log out inactive users and set the Timeout limit
Idle Session Timeout is enabled
Activating the Idle Session Timeout functionality for the first time will populate the 1-day default session. The Admin can customize the duration and input a custom integer value from 1 to 9999 and select the units: minutes, hours, or days. The minimum allowed duration is 1 hour and the maximum allowed duration is 14 days. We recommend setting a duration of no less than 8 hours.
For the Idle Session Timeout feature, we define inactivity as none of the following actions present anywhere in the app during the defined time:
- mouse movement (or touchscreen movement)
- mouse clicks (or touchscreen taps)
- pressing keyboard
✏️ The default Idle Session Timeout value is 1 day. Settings can range from 1 hour to 14 days.
✏️ Idle Session Timeout works everywhere (accessing user activity on different devices, integrations etc).
✏️ If a user is a visitor on a public board stored in an Enterprise plan but is not part of the Enterprise plan that enabled session timeout, they are not affected.
✏️ If a user belongs to multiple organizations which have different Idle Session Timeout intervals in place, then the shortest duration will prevail. For example, a user belongs to one organization with a 6-hour Idle Session Timeout, and one organization with a 30-minute Idle Session Timeout - they will be timed out of all active sessions in 30 minutes.