Blog

How to Customize Session Timeouts

by on September 1, 2019

Once a user of a Backendless-powered app logs in, a session is established. For a variety of reasons, including application security, it is best not to allow users to remain logged in indefinitely. Therefore, every session has an inactivity timeout timer that is reset with every new API call made within the session. When the timer expires, the user is automatically logged out.

The default timeout value is 3600 seconds (1 hour). This means Backendless will keep a session alive for 1 hour after the most recent API request. You can configure the inactivity timeout value in Backendless Console:

The Enable Session Timeout configuration is located under Users > Login. The default setting if the configuration property is OFF. In that case, the inactivity timeout is set to 3600 as described above. To change the setting, enter a timeout value in the inactivity timeout textbox and click the toggle to set it to the ON state. The maximum allowed value is 30 days, which is 2592000 seconds.

Leave a Reply

Related Articles

Session Manager in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Session Manager lets you dig into user access to your application.
Read More
Panic Mode in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Panic Mode is a key feature that gives you peace of mind in the event that a team member’s login credentials are compromised.
Read More
Audit Log in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Audit Logs provide a complete picture of all of the actions taken by your team members with access to your Backendless application.
Read More