Session Control Settings

Configure a Session Control.

Plan Availability:

What Are Session Control Settings?

Password and Login settings ensure a secure and reliable user log-on authentication experience.

As an administrator, you can configure the following:

Restrict open sessions for users/company

As a participant, you can do the following:

The platform automatically logs out that user's session after some time of inactivity to protect data from unauthorized access.

View the Session Control

Permissions

Your user account or group membership must have the "Settings: View Settings" permission to view Password Policies unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

Follow these steps to view the Session Control settings:

Ensure that you are logged on to ProcessMaker Platform.
Click the Admin option from the top menu. The Users page displays.
Click the Settings icon from the left sidebar to view all settings.
From the Settings panel on the left, expand the Log-in & Auth section.
Select Session Control to view the following details:
- Setting: The Setting column displays the Session Control setting name.
- Configuration: The Configuration column displays the setting value and how it is configured.

Configure Session Control

Permissions

Your user account or group membership must have the "Settings: Update Settings" permission to edit Session Control unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

Configure the following Session Control tab settings as necessary:

Set the IP Restriction

Set the IP address restriction policy when a user logs on or attempts to log on again using the same user account.

Follow these steps to set the IP restriction policy:

View your Session Control settings. The Session Control tab displays.
Click the Edit icon for the IP Restriction setting. The IP restriction screen displays.
Select the IP restriction as follows:
- Disabled: Disable this setting. The user may log on from a different IP address than that used by the current session. This is the default setting.
- Block duplicate session: Block any attempt to start another session by the same user on another IP address.
- Kill existing session: End the active session.
Click Save. The following message displays: The setting was updated.
Review, and then configure other Session Control settings as necessary.

Set the Device Restriction

Set the device restriction made from user's login.

Follow these steps to set the device restriction:

View your Session Control settings. The Session Control tab displays.
Click the Edit icon for the Device restriction setting. The Device restriction screen displays.
Select device restriction as follows:
- Disabled: Disable this setting. The user may log on from multiple devices. This is the default setting.
- Block duplicate session: Block any attempt to start another session by the same user on another device.
- Kill existing session: End any active sessions that the user has on other devices at the moment the new session starts. Keep the current session on the current device.
Click Save. The following message displays: The setting was updated.
Review, and then configure other Session Control settings as necessary.

Set the session inactivity

Set the session inactivity in minutes.

Follow these steps to set the session inactivity:

View your Session Control settings. The Session Control tab displays.
Click the Edit icon for the Session Inactivity setting. The Session Inactivity screen displays.
In the setting, enter the number of minutes to wait for a session's inactivity. 180 is set by default.
Click Save. The following message displays: The setting was updated.
Review, and then configure other Session Control settings as necessary.

PreviousSCIM Settings NextSSO Settings

Last updated 2 months ago