Session Control Settings
Configure a Session Control.
What Are Session Control Settings?
Password and Login settings ensure a secure and reliable user log-on authentication experience.
As an administrator, you can configure the following:
Restrict open sessions for users/company
As a participant, you can do the following:
The platform automatically logs out that user's session after some time of inactivity to protect data from unauthorized access.
View the Session Control
Follow these steps to view the Session Control settings:
Ensure that you are logged on to ProcessMaker Platform.
Click the Admin option from the top menu. The Users page displays.
From the Settings panel on the left, expand the Log-in & Auth section.
Select Session Control to view the following details:
Setting: The Setting column displays the Session Control setting name.
Configuration: The Configuration column displays the setting value and how it is configured.
Configure Session Control
Configure the following Session Control tab settings as necessary:
Set the IP Restriction
Set the IP address restriction policy when a user logs on or attempts to log on again using the same user account.
Follow these steps to set the IP restriction policy:
View your Session Control settings. The Session Control tab displays.
Select the IP restriction as follows:
Disabled: Disable this setting. The user may log on from a different IP address than that used by the current session. This is the default setting.
Block duplicate session: Block any attempt to start another session by the same user on another IP address.
Kill existing session: End the active session.
Click Save. The following message displays: The setting was updated.
Set the Device Restriction
Set the device restriction made from user's login.
Follow these steps to set the device restriction:
View your Session Control settings. The Session Control tab displays.
Select device restriction as follows:
Disabled: Disable this setting. The user may log on from multiple devices. This is the default setting.
Block duplicate session: Block any attempt to start another session by the same user on another device.
Kill existing session: End any active sessions that the user has on other devices at the moment the new session starts. Keep the current session on the current device.
Click Save. The following message displays: The setting was updated.
Set the session inactivity
Set the session inactivity in minutes.
Follow these steps to set the session inactivity:
View your Session Control settings. The Session Control tab displays.
In the setting, enter the number of minutes to wait for a session's inactivity. 180 is set by default.
Click Save. The following message displays: The setting was updated.