• Products
  • Documentation
  • Resources

Update idle session duration

Idle session duration

A user's session duration is the amount of time they stay logged in before logging them out, and they have to log back in. A session is idle when users don't interact with the product during that period of time. Interactions can be active (a user clicks a button) or passive (an open page auto-refreshes).

Before you can update the session duration, verify one or more domains. When you verify a domain, all the Atlassian accounts that use email addresses from the domain become managed by your organization. Learn about verifying a domain for your organization

What are authentication policies?

You set idle session duration in authentication policies. Authentication policies give you the flexibility to configure multiple security levels for different user sets within your organization. Authentication policies also reduce risk by giving you the ability to test different configurations for subsets of users before rolling them out to your whole company.

Set idle session duration with authentication policies

If you don't subscribe to Atlassian Access, you can set idle session duration in one authentication policy for all users. You need a subscription to Atlassian Access to take advantage of multiple authentication policies. Learn more about authentication policies

The idle session duration setting doesn't apply to:

  • Accounts your organization doesn't manage

  • Mobile sessions

When you set idle session duration in an authentication policy, it only applies to your managed accounts. If you don't set idle session duration, we set a default duration of 30 days in the authentication policy. This applies to all the users who have access to your Atlassian products.

To select an idle session duration from an authentication policy:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Security > Authentication policies.

  3. Select Edit for the policy you want to modify.

  4. On the Settings page, select length of time for Idle session duration.

When you save changes to the session duration, users don't get logged out of their accounts. The new idle session duration will apply the next time a user logs in.

Reset sessions for an authentication policy

When you reset sessions for an authentication policy, we log out all members from the policy in about ten minutes. We recommend letting your members know when you reset their sessions. Reset sessions only apply to web sessions but don’t apply to mobile sessions.

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Security > Authentication policies.

  3. Select Edit for the policy you want to modify.

  4. On the Settings or Members page, select Reset sessions.

If you need to reset sessions for an external user policy go to reset sessions for external users

 

Additional Help