Types of Session Lifetime Limits
Session settings apply to the logon pages for the web-based administrative consoles, the command API interface described in the RSA Authentication Manager Developer’s Guide, and the risk-based authentication (RBA) logon attempts by end users. When a session times out or reaches the maximum lifetime, the logon page is redisplayed, and the user must log on again.
You can configure the following settings for sessions:
Time-out. The length of time that a session can be inactive before being terminated. The default setting is 30 minutes.
Maximum Lifetime. The maximum length of an session. When the console session reaches its session lifetime, the session is terminated and the administrator is logged off, regardless of whether the session is active. The default setting is eight hours.
These settings are independent of session inactivity. For example, if a console and command API session lifetime is eight hours, an administrator is automatically logged off after eight hours, even if there have been no periods of inactivity during the session.
Only a Super Admin can modify the console and command API session settings.
Related Tasks
Related Articles
Session Lifetime Limits Number of Views Edit Session Lifetime Settings Number of Views Edit Session Lifetime Settings for Operating System Access Number of Views What are the custom attribute data type limits in RSA Identity Governance & Lifecycle Number of Views How to set emergency access tokencode lifetime for permanently lost or broken RSA SecurID tokens Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.8 Setup and Configuration Guide
