Session timeout
A session timeout is a safeguard against sensitive data remaining visible when a screen has been left unattended for a defined duration.
Follow these steps to setup a session timeout in Journey Brokers.
Ensure the Session timeout in Journey Manager's Security Manager is set to the desired duration.
- Log into Journey Manager and go to Security > Security Managers.
- Select your security manager from the list.
- On the Security Manager tab, select the desired Session timeout value.
- Click Save.
Set the
idleTime
intransact-config.json
to be slightly longer than the timeout selected in Journey Manager. For example, if you selected30 minutes
as the Session timeout in Journey Manager, set theidleTime
to at least 31 minutes. This will ensure that if both the application and Journey Manager session have been idle for the same amount of time, the app will check the JM session just after it has ended.
info
The idleTime
value is specified in milliseconds. For example, the value for an idleTime
of 31 minutes is 1860000
( = 31 * 60 * 1000).
Each time the application is left idle (that is, without interaction) for the defined idleTime
, Journey Brokers checks Journey Manager for a connected session. If the session time in Journey Manager has elapsed, the application logs out, presenting the login screen to the user.