Overview
To help companies improve account security and meet internal compliance requirements, workspace Admins can now configure custom browser session timeouts for both web and mobile users. These settings define how long a user can remain inactive before they are automatically logged out, minimizing the risk of unauthorized access to sensitive project data.
This feature is part of the Authentication Requirements Customization update and is designed to provide flexible, low-effort security controls that align with your company’s policies.
Pre-requisites
Before you begin:
You must have Admin permissions in your workspace.
Your workspace must be on a plan that includes Authentication Settings under Company Settings.
How to Set Session Timeout Durations
Navigate to your Company Settings.
Go to the Password Management tab.
Click Edit in the Session Timeout section.
Set your preferred timeout duration for:
Web Session Timeout
Mobile Session Timeout
Click Save to apply changes.
Note: Once saved, the new timeout settings apply to all users in your workspace immediately.
What Happens When a Session Times Out?
When a user session exceeds the configured inactivity period:
The user is automatically logged out of the platform.
They are redirected to the login page.
A banner message will display, stating:
"You've been logged out due to inactivity in accordance with your company’s session timeout policy."
Best Practices
Set shorter timeouts for projects with sensitive financial or legal data.
Align the timeout period with your organization’s IT security standards or compliance frameworks.
Communicate timeout policies to team members to avoid confusion when sessions expire.
Frequently Asked Questions
Q: Are users notified before being logged out?
A: No, users will not receive a pre-logout warning. They’ll be redirected to the login page once their session expires.
Q: Can I set different timeouts for different users or roles?
A: No, the timeout settings apply universally across all users in the workspace.
Q: Can users customize their own session timeout?
A: No, only workspace Admins can configure session timeout durations.
Q: Does this setting apply to mobile app sessions as well?
A: Yes, Admins can configure session timeout settings for both Web and Mobile sessions separately.
If you need help setting this up or have questions about your workspace’s authentication settings, please reach out to Support or your Customer Success Manager.