User Interface (UI) Sessions

Edited

The following timeout values are in effect for the PeakCommerce UI:

  • By default, the idle session timeout value is 180 minutes (3 hours). An administrator can configure the Idle Session Timeout in Minutes value for an account on the General Preferences page. Go to Setup > Company > Preferences > General Preferences. Valid values range from 15 minutes to 720 minutes (12 hours).

  • The default value of 12 hours for absolute session timeout is aligned with the National Institute of Standards and Technology (NIST) Digital Identity Guidelines for Authentication and Lifecycle Management. Click here to view Section 4.2.3, Reauthentication, in the NIST guidelines.

UI session management information for users:

  • Users are shown a warning with a 60-second countdown before an idle session timeout occurs. The user can click a Keep Session Active button to resume the session.

  • Session management across multiple tabs has been synchronized. When a user logs in to an account, all open tabs associated with that account are simultaneously unlocked. When a user logs out of an account, all open tabs associated with that account are locked.

  • For users who often switch between roles or various companies and leave multiple browser tabs open from previous sessions, the tabs of stale sessions are shown as inactive. When a user changes roles, sessions from previous roles are invalidated, and those browser tabs are locked.